<p>IDG News Service - Security researchers from Polish vulnerability research firm Security Explorations claim to have identified a new vulnerability in Java 7 that could allow attackers to bypass the software's security sandbox and execute arbitrary code on the underlying system.</p><p>The vulnerability was reported Thursday to Oracle along with proof-of-concept (PoC) exploit code, said Adam Gowdiak, the CEO and founder of Security Explorations, in a message to the Full Disclosure mailing list.</p><p>According to Gowdiak, the vulnerability is located in the Reflection API (application programming interface), a feature that was introduced in Java 7 and which has been the source of many critical Java vulnerabilities so far. Security Explorations confirmed that its PoC exploit code works against Java SE 7 Update 25 and earlier versions, he said.</p><p>The new issue identified by Security Explorations can allow hackers to implement a "classic" attack that has been known for at least 10 years, Gowdiak said.</p><p><a href="http://www.networkworld.com/news/2013/071813-new-vulnerability-found-in-java-271984.html">Keep reading...</a></p>