Friday, November 19, 2010

Eclipse Source Code Disclosure

Funny Eclipse Source Code Disclosure   [View Online | Download]

This is not to describe source code disclosure as a vulnerability for the open-source Eclipse. Java web servers have been notoriously known for source code disclosure flaw. This is a demo of this kind in the recent Eclipse Help Server "Helios" version. The flaw seems to be due to Eclipse adaptor linked with OSGI framework.Who else might be vulnerable?