Security Basics mailing list archives
Leak in SUN Microsystems java object
From: kevinlh () hotmail com
Date: 10 Apr 2006 19:32:56 -0000
I hope someone out there has similar experience. This one really has me worried. I use the JCO everyday, and without it my ability to function is greatly limited. Over the last 4-5 weeks I have noticed a marginal leak over time in the storage of java components. It isn't one particular object, it is pretty much anything I store in the JCO. So far the only detrimental affect was a few corrupted document objects, and the occasional ring object left on a storage unit. I tried a few patches that I used to fix some other container objects, mostly in tighter integration between the primary user interface and the JCO storage, however there seems to be a secondary leak within the storage unit as well. The secondary leak does not appear to cause any external vulnerability, however it does decrease my view of the primary JCO storage. Most of the patches end up failing after I re-initialize the container. The user interface to the JCO is only open when called, but there was one occurren ce of system crash when the lockdown patch was not reapplied after installation of java. If this keeps up I will have to swap products, or upgrade to a new JCO from a different vendor. I have used the SUN Microsystems product for two years, and it is just now starting to show signs of vulnerability. Boy, you pay a premium for good coffee mugs. ------------------------------------------------------------------------- This List Sponsored by: Webroot Don't leave your confidential company and customer records un-protected. Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no obligation. See why so many companies trust Spy Sweeper Enterprise to eradicate spyware from their networks. FREE 30-Day Trial of Spy Sweeper Enterprise http://www.webroot.com/forms/enterprise_lead.php --------------------------------------------------------------------------
Current thread:
- Leak in SUN Microsystems java object kevinlh (Apr 11)