I wasn’t surprised to see a whole heap of new Java vulnerabilities listed as I sifted through the security mailing list traffic this morning. I have opined on multiple occasions about the abomination and why I believe that everybody who doesn’t have a damn good reason should uninstall it (or at the very least disable the browser plugins to lower your remotely exploitable attack surface).
We now have CVE-2013-5802 and at least five more related advisories surfacing today regarding the official Oracle Java environment. I am getting sick of talking about Java vulnerabilities, I really am.
Mike the Crypto Goat 