java

Multiple vulnerabilities reported in Sun JDK and JRE

Filed in archive Security on June 3, 2007

Here is another security threat - multiple vulnerabilities have been reported in Sun JDK and JRE. Fujitsu security team has reported an unspecified vulnerability which involves an incorrect use of system classes and another vulnerability has been reported by Google Security Team which involves an integer overflow causing buffer overflow in the ICC parser used with JPG or BMP files.

As a result a remote attacker could lure a user to run specially crafted Java class or applet which could trigger these vulnerabilities and as a result cause execution of arbitrary code outside Java sandbox or crash Java application or browser. As of now there is no workaround therefore all Sun Java Development Kit and Sun Java Runtime Environment users should upgrade to the latest version.

Related Entries:

« Release candidate for Goo... | Main | Sun Java Real-Time System... »

Permalink: Multiple vulnerabilities reported in Sun JDK and JRE

Tags: multiple vulnerabilities Sun JDK and JRE java multiple+vulnerabilities

Vote for Multiple vulnerabilities reported in Sun JDK and JRE:

Currently 9.00/10
1
2
3
4
5
6
7
8
9
10

Rating: 9.00 out of 2 vote(s) cast.

Add your response to Multiple vulnerabilities reported in Sun JDK and JRE:

Name: *

Email: (will never be shown)*

URL:

(* marked fields are required)

Notify me if more comments appear?

Subscribe to Java Entrepreneur newsletter? (Newsletters are sent out weekly).

Remember me

Security Code: *
(Please help us to sort out spam.)

Please enter your comment here: (Sorry, no HTML is allowed - URLs will be made clickable automatically if you add http:// to your URL.)

We welcome your comments, however all comments are moderated. Offensive or off-topic comments will be deleted and not displayed.

Share It

RSS
Google
Yahoo!
Addthis
Bloglines
Twitter	Follow us on Twitter!

Tagcloud

All contents are protected by copyright. | Terms of Use | Privacy Policy | Contact Us