[pdf]Securing Java In Oracle and DBMS_JVM_EXP_PERMS

Oracle security research has been made public by the Blackhat conference in DC before it is patched by Oracle. Additionally there is some misinformation going round that this work only affects 11.2 which is incorrect as it affects 10.2.0.4.3 as well. These vulnerabilities are theoretically easy to fix but since theoretical is not good enough for real world.

Origine de l’article :
http://www.oracleforensics.com/wordpress/wp-content/uploads/2010/02/SecuringJavaInOraclev2.pdf