[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [SE-2012-01] information regarding recently discovered Java 7 attack

On 2012-08-29 18:10, Jeffrey Walton wrote:
Have you reported the issues to US Cert?

No. Per our Disclosure Policy, we stick to reporting issues to original
vendors only.

Will you be disclosing details on Bugtraq/Full Disclosure?

Yes. As indicated, we are planning to release a technical write-up
where we will present many new details of security issues found.

We'll send notification about the paper release to Bugtraq / Full
Disclosure mailing lists. We do not plan to do that prior to the
release of the necessary security fixes by Oracle though.

Thank you.

Best Regards,
Adam Gowdiak

Security Explorations
"We bring security research to the new level"