Threat Level: green Handler on Duty: Bojan Zdrnja

SANS ISC: Google App Engine Java Security Sandbox bypasses SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Google App Engine Java Security Sandbox bypasses

Adam Gowdiak from Polish vulnerability research company Security Explorations has issued an announcement concerning vulnerabilites in the Google App Engine.  Details are still somewhat thin, but it appears that multiple vulnerabilities have been discovered and that some of these vulnerabilities will allow a Java VM sandbox escape.

Further information is available at Full Disclosure archive at seclists.org.

-- Rick Wanner - rwanner at isc dot sans dot org - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)

Rick

307 Posts
ISC Handler
Dec 6th 2014

Sign Up for Free or Log In to start participating in the conversation!