Are there any affects to Zimbra based on this report?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
US-CERT Vulnerability Note VU#625617 - Java 7 fails to restrict access to privileged code
Instructions on how to disable Java from being used by the browser are at the bottom of the report. There is no reason to uninstall or remove it at this time. I'm sure Oracle Java and Open Source IcedTea developers will fix it shortly.
But reading the actual report, the impact is as such below. Really this is about phishing where a scammer tries to lure you to click on a link that will perform this exploit.
===
Impact
By convincing a user to visit a specially crafted HTML document, a remote attacker may be able to execute arbitrary code on a vulnerable system.
Java exploit reported today
Industry info, happenings near you, and new product integrations. Hosting an event? Invite people here.
Jump to
- Zimbra Collaboration Server
- ↳ Administrators
- ↳ Installation and Upgrade
- ↳ Migration
- ↳ Virtualization
- ↳ Developers
- ↳ Zimlets
- ↳ Users
- ↳ Zimbra Connector for Outlook
- ↳ Zimbra Connector for Blackberry
- ↳ CalDAV / CardDAV / iSync
- ↳ Zimbra Collaboration 8.8 Beta
- ↳ Mobility
- ↳ Zimbra Talk
- ↳ Universal UI
- ↳ Zimbra Chat
- ↳ Zimbra Drive
- Zimbra Suite Plus
- ↳ Installation and Upgrade
- ↳ Zimbra Admin Plus
- ↳ Zimbra Backup Plus
- ↳ Zimbra HSM Plus
- ↳ Zimbra Mobile Plus
- Zimbra Desktop
- ↳ General Questions
- ↳ Error Reports
- ↳ Installation Help
- ↳ Zimbra Desktop Beta/RC
- General Zimbra
- ↳ General Zimbra Feedback
- ↳ Announcements
- ↳ Community News
- ↳ Zimbra Success Stories
- Portability
- ↳ BSD
- Other
- ↳ /etc
- ↳ International
- ↳ I18N/L10N - Translations
- ↳ Русский язык-фор
- ↳ French
- ↳ Italian
- ↳ German
- ↳ Spanish
- ↳ Scandinavian
- ↳ Portuguese