Sun Fixes Vulnerabilities with Java 6 Update 17
© AMagill
Sun Microsystems this week released Java 6 Update 17.
"Among the issues fixed by Sun is a command execution vulnerability in the Java Runtime Environment Deployment Toolkit," writes InternetNews’ Sean Michael Kerner. "According to Sun’s advisory on the issue, the vulnerability could potentially be leveraged to execute arbitrary code. There is also critical fix for a vulnerability in the Java Web Start Installer which potentially could enable an untrusted Java app to run as trusted and then run whatever code it wants. Update 17 also addresses what Sun refers to as ‘Multiple buffer and integer overflow vulnerabilities in the Java Runtime Environment.’ The overflow vulnerabilities could potentially lead to a privilege escalation attack."
More here from IT-Chuiko … more here from The H Security … more here from ZDNet … and more here from PC World.