Multiple vulnerabilities reported in Sun JDK and JRE
Here is another security threat – multiple vulnerabilities have been reported in Sun JDK and JRE. Fujitsu security team has reported an unspecified vulnerability which involves an incorrect use of system classes and another vulnerability has been reported by Google Security Team which involves an integer overflow causing buffer overflow in the ICC parser used with JPG or BMP files.
As a result a remote attacker could lure a user to run specially crafted Java class or applet which could trigger these vulnerabilities and as a result cause execution of arbitrary code outside Java sandbox or crash Java application or browser. As of now there is no workaround therefore all Sun Java Development Kit and Sun Java Runtime Environment users should upgrade to the latest version.