|
|
|
|
|
|
by shanemhansen
3704 days ago
|
|
|
> But you'd actually have to try if you wanted Java to be able to write arbitrary memory or execute arbitrary code. Depends on your definition of arbitrary. Higher level languages have higher level exploits. While injecting x86 shellcode into a java process is probably hard, many java applications have been vulnerable to serialization bugs which result in the execution of arbitrary bytecode. Source: http://www.darkreading.com/informationweek-home/why-the-java... |
|
|