Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Google App Engine Java Security Sandbox bypasses - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Google App Engine Java Security Sandbox bypasses

Adam Gowdiak from Polish vulnerability research company Security Explorations has issued an announcement concerning vulnerabilites in the Google App Engine.  Details are still somewhat thin, but it appears that multiple vulnerabilities have been discovered and that some of these vulnerabilities will allow a Java VM sandbox escape.

Further information is available at Full Disclosure archive at

-- Rick Wanner - rwanner at isc dot sans dot org - - Twitter:namedeplume (Protected)


324 Posts
ISC Handler
Dec 6th 2014

Sign Up for Free or Log In to start participating in the conversation!