...

| Tool | Version | Checker | Description |
|------|---------|---------|-------------|
| Parasoft Jtest | 9.5 | SECURITY.EAB.CPCL, SECURITY.EAB.MPT, SECURITY.EAB.SMO, OOP.MUCOP | Implemented |
| SonarQube Java Plugin | | S2384 | Implemented for arrays, collections and Dates |

Related Vulnerabilities

CVE-2012-0507 describes an exploit that managed to bypass Java's applet security sandbox and run malicious code on a remote user's machine. The exploit created a data structure that is normally impossible to create in Java but was built using deserialization, and the deserialization process did not perform defensive copies of the deserialized data. For more information, see the code examples in "SER07-J. Do not use the default serialized form for classes with implementation-defined invariants".
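The following is an added example, not code from this page, from SER07-J, or from the component involved in CVE-2012-0507. It shows a `readObject` method that makes defensive copies of mutable `Date` fields and re-checks the class invariant after deserialization; the `Booking` class and its field names are hypothetical.

```java
import java.io.*;
import java.util.Date;

// Hypothetical class, constructed for illustration.
public final class Booking implements Serializable {
    private static final long serialVersionUID = 1L;
    // Non-final so readObject can replace them with private copies.
    private Date start;
    private Date end;

    public Booking(Date start, Date end) {
        // Copy first, then validate the copies (avoids a check/use race).
        this.start = new Date(start.getTime());
        this.end = new Date(end.getTime());
        if (this.start.after(this.end)) {
            throw new IllegalArgumentException("start is after end");
        }
    }

    public Date getStart() { return new Date(start.getTime()); }
    public Date getEnd() { return new Date(end.getTime()); }

    private void readObject(ObjectInputStream in)
            throws IOException, ClassNotFoundException {
        in.defaultReadObject();
        if (start == null || end == null) {
            throw new InvalidObjectException("missing date");
        }
        // The stream is untrusted input: other references to these Date
        // objects may exist, so keep copies only this instance can reach.
        start = new Date(start.getTime());
        end = new Date(end.getTime());
        if (start.after(end)) {
            throw new InvalidObjectException("start is after end");
        }
    }

    public static void main(String[] args) throws Exception {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(new Booking(new Date(1_000L), new Date(2_000L)));
        }
        try (ObjectInputStream in = new ObjectInputStream(
                new ByteArrayInputStream(buf.toByteArray()))) {
            Booking copy = (Booking) in.readObject();
            copy.getEnd().setTime(0L); // changes a copy, not the field
            System.out.println(copy.getStart().before(copy.getEnd()));
        }
    }
}
```

The copies are made with `new Date(getTime())` rather than `clone()`, because a deserialized field may hold an instance of a `Date` subclass whose `clone()` is not trustworthy.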

...