Education & Training
Services & Support
to create and rate content, and to follow, bookmark, and share content with other members.
Oracle Java 7 Security Manager Bypass Vulnerability
Discussion created by
on Jan 17, 2013
on Jan 18, 2013 by Robert Ensinger
Show 2 Likes
The attached is CA Clarity's formal response to this vulnerability.
This content has been marked as final.
Show 1 comment
(Required, will not be published)
Jan 19, 2013 4:40 AM
if you've recently went live with Clarity V13.1 and you support a client tool (Microsoft Project or Open Workbench) via the Schedule Connect interface you need to be aware of this and see that your client machines are patched to Java 7.11 JRE or later. Our Clarity upgrade was the factor that drove us to installing Java 7 on the workstations that got the new Open Workbench, so, as unfair and technically incorrect as it is, our organization sees 'Clarity' as the reason we installed Java 7 on these machines, thus opening the door to this vulnerability. This is an easy risk to mitigate - install/upgrade to Java 7.11 on all workstations that need to support the client tools. Don't bury your head in the sand, hide behind a tech doc, or hang 'Clarity' out there to be the fall guy (rightly or not). If supporting a client tool, Java 7.11 is a
on the client workstations.
We completed testing (Open Workbench & Java 7.11) and patched client workstations last week and have had no reported issues.
Show 2 Likes
Retrieving data ...
Usability: Support proper DPI scaling of Plex generated applications
How to set up SSO between Service Desk and Service Catalog?
REST GET call virutalization throwing error in Devtest 10.1
Any Custom App/Report on Split User Stories
Pragmatica: Assembling a Competitive Summary of IBM WebSphere - Oracle WebLogic - Red Hat JBoss EAP