Sun Java Runtime Environment Multiple Vulnerabilities

Started by Eric the Red, December 28, 2006, 08:53:54 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Eric the Red

December 28, 2006, 08:53:54 AM
Note: This information was released on December 19th and is placed here for reference purposes.

Affected:
Sun JDK and JRE 5.0 Update 7 and prior
Sun SDK and JRE 1.4.2_12 and prior
Sun SDK and JRE 1.3.1_18 and prior

Description: The Sun Java Runtime Environment and the Sun Java Software
Developer Kit (SDK) contain multiple vulnerabilities. These
vulnerabilities include remote code execution, privilege escalation, and
information disclosure. If a user browses a webpage containing a
malicious Java applet, the applet may be able to execute arbitrary code
on the client system with the privileges of the logged-on user. Note
that the Java applets are automatically downloaded and executed in
typical browser configurations. Also, the Sun Java Runtime Environment
is installed by default on Microsoft Windows systems prior to Windows
XP, many Unix and Unix-like operating systems (including Sun Solaris),
and many Linux distributions. Previous flaws in JRE have been exploited
to compromise systems in the wild; hence, this update should be applied
on an expedited basis.

Status: Sun confirmed, updates available.

http://www.securityfocus.com/bid/21673
http://www.securityfocus.com/bid/21674
http://www.securityfocus.com/bid/21675 
"The time to start running is around about the "e" in "Hey, you!" "
Print
Go Up Pages1
User actions