Thursday, March 7, 2013
In Java found one more vulnerability
Experts say that in the current versions of Java, you can use a number of digital certificates that have been revoked by the certifying cents or have expired date of use.
American publication ArsTechnica conducted its own investigation of the problem and make sure it is available. The publication reports that he discovered a site that hosted malicious software signed with a digital certificate in the name of the company and was discharged Clearesult Consulting hoster GoDaddy. GoDaddy itself revoke the digital certificate in December last year, but the certificate in the Java environment is still valid.
Detailed investigation is available at: