Computing in the real world
SEARCH FOR: IN: Advanced Search
Guest  Level 00    Register Log in

News 

[PSUs]
Wednesday 8th February 2006
Java Web Start vulnerability highlighted 5:55PM, Wednesday 8th February 2006
The security company Secunia is warning of a 'highly critical' vulnerability in Java technology. Specifically, it reports a problem with Java Web Start, which is included in the Java 2 platform Standard Edition (J2SE). This can be exploited by a malicious application elevating its privileges to read and write local files that are accessible to a user running the Java Web Start app.

Exact details of the vulnerability have not been disclosed, but Java Web Start is a means to launch large external applications, such as a spreadsheet or an Internet chat client, with a single click and without going through installation procedures. Once started, the application should - from the user's point of view - function as a native application.

The issue can occur in Java Web Start in J2SE 5.0 Update 5, and earlier 5.0 releases for Windows, Solaris and Linux, according to the Sun advisory.

The problem has been fixed in J2SE release 5.0 Update 6 and later for Windows, Solaris, and Linux, which is available at http://java.sun.com/j2se/1.5.0/download.jsp.

The vulnerability was discovered by one Peter Csepely, and you can read the Secunia advisory SA18762 here.
Alun Williams

Submit to: Digg  |  Slashdot  |  Del.icio.us  |  Technorati

Related News


Back to top
Compare Broadband
Broadband?
Compare 50+ packages
Enter your postcode below:
Powered by:
Top 10 Broadband
› See more News
› See more Hot topics

Columns

Prolog:

Tim Danton believes that we Brits need to become a bit more American to succeed. › See full Opinion
› See more Columns
›  See more Research Papers