Digital Edition

SYS-CON.TV
Sun Reports and Fixes Java and Solaris Security Flaws
Updates and Patches Made Available

Two vulnerabilities were reported by Sun Microsystems this week, in Java Web Start and the Sun Java Runtime Environment (JRE). Both could have been exploited by individuals with malicious intentions. A third, termed "less critical," affects versions 7 through 9 of the Solaris OS.

The first was "an unspecified error," according to Danish security firm Secunia, which "may be exploited by a malicious, untrusted application to execute arbitrary code." This vulnerability affected Java Web Start included in J2SE releases 5.0 and 5.0 Update 1 for Windows, Solaris and Linux.

The second error, also unspecified, affected J2SE releases 5.0 and 5.0 Update 1 for Windows, Solaris and Linux, and J2SE 1.4.2_07 and prior 1.4.2 releases for Windows, Solaris and Linux.

Sun's solution to the problem is for developers and other users to update to J2SE 5.0 Update 2 or 1.4.2_08 for Windows, Solaris, and Linux.

The Solaris problem was reported June 16, and "can be exploited by malicious, local users to overwrite arbitrary files on a vulnerable system," according to Secunia, which said the vulnerability was caused to an unspecified error in the Ipadmin utility. Sun has issued several patches for the various versions of Solaris to address this vulnerability.

About Java News Desk
JDJ News Desk monitors the world of Java to present IT professionals with updates on technology advances, business trends, new products and standards in the Java and i-technology space.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1



ADS BY GOOGLE
Subscribe to the World's Most Powerful Newsletters

ADS BY GOOGLE

The question before companies today is not whether to become intelligent, it’s a question of how and...
While some developers care passionately about how data centers and clouds are architected, for most,...
ChatOps is an emerging topic that has led to the wide availability of integrations between group cha...
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting ch...
As Marc Andreessen says software is eating the world. Everything is rapidly moving toward being soft...
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know ...
Is advanced scheduling in Kubernetes achievable?Yes, however, how do you properly accommodate every ...
The cloud era has reached the stage where it is no longer a question of whether a company should mig...
The need for greater agility and scalability necessitated the digital transformation in the form of ...
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an over...
Coca-Cola’s Google powered digital signage system lays the groundwork for a more valuable connection...
In his session at 21st Cloud Expo, Raju Shreewastava, founder of Big Data Trunk, provided a fun and ...
"Since we launched LinuxONE we learned a lot from our customers. More than anything what they respon...
DevOps is under attack because developers don’t want to mess with infrastructure. They will happily ...
"As we've gone out into the public cloud we've seen that over time we may have lost a few things - w...
In his session at 21st Cloud Expo, Michael Burley, a Senior Business Development Executive in IT Ser...
Sanjeev Sharma Joins June 5-7, 2018 @DevOpsSummit at @Cloud Expo New York Faculty. Sanjeev Sharma is...
We are given a desktop platform with Java 8 or Java 9 installed and seek to find a way to deploy hig...
"I focus on what we are calling CAST Highlight, which is our SaaS application portfolio analysis too...
"Cloud4U builds software services that help people build DevOps platforms for cloud-based software a...