BusinessGreen.com > News > Hacking

Sun patches 'critical' Java flaws

Problems with JDK, JRE and SDK

Matt Chapman, vnunet.com, 05 Oct 2007

Sun Microsystems has patched a number of flaws in its Java products that affect users running Windows, Linux and Solaris.

Secunia rated the flaws as 'highly critical' in a security advisory because they could allow a remote attacker to bypass security, gain system access, expose system and sensitive information and manipulate data.

Vulnerabilities were reported in the Java Developer Kit, Java Runtime Environment 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, Software Developer Kit and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier.

Problems included multiple unspecified errors that could allow hackers to use malicious applets or APIs to establish network connections on machines other than the originating host.

Other errors in Java Web Start could also be exploited to read or write local files or find the location of the Java Web Start cache.

An unspecified JRE error could also be used to move or copy arbitrary files on the system.

Sun credited Billy Rios, Dan Boneh, Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao, David Byrne and Peter Csepely with finding the vulnerabilities.

More details on the patches are available on the official Sun Security Blog.

Permalink Comments Forward Print

digg del.icio.us reddit!

related content

Seven Microsoft security bulletins on the way

Four 'critical' patches in monthly update 05 Oct 2007

Warning on web 'super worm'

XSS database could cause major problems 03 Oct 2007

Microsoft

Windows 2000 flaw highlights slow Patch Tuesday

Vista and XP spared from most dangerous vulnerabilities 12 Sep 2007

Enterprise Security Technology

'Greynets' waiting to snare enterprises

Consumer messaging apps leaving companies at risk 11 Sep 2007

Apple iTunes

Apple slips security fix into iTunes update

Software exposes users to remote code execution vulnerability 07 Sep 2007

Sun Microsystems issues major Java update

Several bug fixes for Java Runtime Environment 26 Mar 2009

Hacker

Enterprise Security Technology

IBM threat report highlights data risks

Thieves stepping up cyber attacks on organisations, says X-Force division 26 Feb 2010

OpenOffice.org patches six security flaws

Productivity suite gets multiple fixes 23 Feb 2010

Enterprise Security Technology

Adobe warns of Flash and Air flaws

Fixes on the way for 'critical' vulnerabilities 04 Dec 2009

hacker hands

Enterprise Security Technology

New critical IIS flaw discovered

Vulnerability affects IIS 6 and earlier versions 26 Dec 2009

Coal-fired power station

Government announces formation of new CCS office

Yorkshire and Humberside selected as CCS Low Carbon Economic Area, as pilot project receives £6.3m grant 18 Mar 2010

Nissan Leaf

Nissan confirms plan to manufacture electric Leaf in UK

Bumper day for British car industry as Nissan and Ford make major low-carbon vehicle manufacturing commitments 18 Mar 2010

Leaky home

UK must transform to meet future energy needs, warn top engineers

The changes include a transformation of draughty homes, plus vast expansion of renewable and nuclear power 18 Mar 2010

latest in-depth

Garmin

The BusinessGreen.com guide to green driving gadgets

Andrew Williams casts his eye over some of the most popular green driving aids on the market 16 Mar 2010

River

BusinessGreen.com Most Read - March 12 2010

From hydropower hot spots to record-breaking Texan winds, we run down the top stories from the past week 12 Mar 2010

Businesses must stop whinging and tackle the green skills crisis head on

Few debates cast the UK's business and political community in such an unedifying light as the never-ending row over skills.... 12 Mar 2010

More in-depth

what do you think?

Post your comment

Send an email to the Business Green editor at feedback@businessgreen.com

Reader comments for this story

Post your comment What is this?

advertisement

BusinessGreen.com launches green training service

Greening your workplace - what works and how to make it happen training workshop to take place on April 20

Drought

How to undertake a climate risk assessment

BusinessGreen.com casts its eye over the advice that is available to help firms measure their climate risk profile

Job of the week

Senior Air Quality Consultant
Unspecified
Surrey
The Atkins Air Quality & Greenhouse Gas Management team is currently seeking to recruit a Senior Air Quality Consultant. Our...

Air Quality Consultant
Unspecified
Warrington (wa1)
Principal Air Quality Consultant Warrington Principal Air Quality Consultant to lead the air quality team in Warrington ,...

Senior Acoustic Consultant
£28,000
Ridgacre, Birmingham (b32)
We are looking for a bright and talented Senior Acoustic Consultant to join the busy team in our Birmingham office. Ideally,...

Green jobs

Find your next green job here

Business Green Jobs

BusinessGreen blog

BusinessGreen blog

Businesses must stop whinging and tackle the green skills crisis head on

Few debates cast the UK's business and political community in such an unedifying light as the never-ending row over skills. On one side you have those entrepreneurs and business leaders... 12 Mar 2010

More from this blog

Your views on the news

Virgin defends “green” space flight

Comment: Rubber and NOS

Afaik, Spaceship One (and thus SS2, I'm presuming) ran on Nitrous Oxide and rubber. Wouldn't rubber coming from plants be largely carbon neutral? If that's the case, the main environmental worry should be what stratospheric flights...

Kerry backs cap-and-trade plans for US utilities

Comment: Coal-fired Utility Plants and Carbon Dioxide

Coal is a form of carbon. When carbon burns in sufficient air it forms heat and carbon dioxide CO2. When there is less air available less heat and carbon monoxide, CO is formed. Carbon monoxide is...

Read all the latest reader comments

advertisement

advertisement

Primary Navigation

Home

News

In-depth

Reviews

Blog

Audio/Video

Resources

Jobs

Newsletter