Java Security indeed no simple buffer overflows but: integer overflows, logic errors, ... most vulnerabilities come from bad design. always try to develop the best design possible. independent from languages, environments, phase of moon. there is no absolutely secure language or environment