Vulnerabilities in Java and Mitigations


Prof. David Bernstein
James Madison University

Computer Science Department
bernstdh@jmu.edu


An Important Point
Access/Visibility Vulnerabilities
Access/Visibility Vulnerabilities (cont.)
Reference Vulnerabilities
String Vulnerabilities
Serialization Vulnerabilities
Inner Class Vulnerabilities
Assertion Vulnerabilities
Character Encoding Vulnerabilities
Reflection Vulnerabilities
What About the "Classics"?
What About the "Classics"? (cont.)