lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: full-disclosure at nym.hush.com (full-disclosure@....hush.com) Subject: JRE < 1.4.2_04 vulnerability >I am confused, being a newblet, how this can be a vulnerability >without an exploit. Is it just that Sun does not want to admit that >there is an exploit? It's a vulnerability because it's exploitable. There's no known exploit (according to securityfocus.com) because there's no widely published and publicly available exploit code.