Digital Edition

SYS-CON.TV
Sun Reports and Fixes Java and Solaris Security Flaws
Updates and Patches Made Available

Two vulnerabilities were reported by Sun Microsystems this week, in Java Web Start and the Sun Java Runtime Environment (JRE). Both could have been exploited by individuals with malicious intentions. A third, termed "less critical," affects versions 7 through 9 of the Solaris OS.

The first was "an unspecified error," according to Danish security firm Secunia, which "may be exploited by a malicious, untrusted application to execute arbitrary code." This vulnerability affected Java Web Start included in J2SE releases 5.0 and 5.0 Update 1 for Windows, Solaris and Linux.

The second error, also unspecified, affected J2SE releases 5.0 and 5.0 Update 1 for Windows, Solaris and Linux, and J2SE 1.4.2_07 and prior 1.4.2 releases for Windows, Solaris and Linux.

Sun's solution to the problem is for developers and other users to update to J2SE 5.0 Update 2 or 1.4.2_08 for Windows, Solaris, and Linux.

The Solaris problem was reported June 16, and "can be exploited by malicious, local users to overwrite arbitrary files on a vulnerable system," according to Secunia, which said the vulnerability was caused to an unspecified error in the Ipadmin utility. Sun has issued several patches for the various versions of Solaris to address this vulnerability.

About Java News Desk
JDJ News Desk monitors the world of Java to present IT professionals with updates on technology advances, business trends, new products and standards in the Java and i-technology space.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1



ADS BY GOOGLE
Subscribe to the World's Most Powerful Newsletters

ADS BY GOOGLE

The explosion of new web/cloud/IoT-based applications and the data they generate are transforming ou...
CI/CD is conceptually straightforward, yet often technically intricate to implement since it require...
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple ...
Enterprises are striving to become digital businesses for differentiated innovation and customer-cen...
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As au...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't com...
DXWorldEXPO LLC announced today that All in Mobile, a mobile app development company from Poland, wi...
The now mainstream platform changes stemming from the first Internet boom brought many changes but d...
DXWorldEXPO LLC announced today that Ed Featherston has been named the "Tech Chair" of "FinTechEXPO ...
Chris Matthieu is the President & CEO of Computes, inc. He brings 30 years of experience in developm...
Bill Schmarzo, author of "Big Data: Understanding How Data Powers Big Business" and "Big Data MBA: D...
Andi Mann, Chief Technology Advocate at Splunk, is an accomplished digital business executive with e...
In this presentation, you will learn first hand what works and what doesn't while architecting and d...
The Internet of Things is clearly many things: data collection and analytics, wearables, Smart Grids...
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitori...
We are seeing a major migration of enterprises applications to the cloud. As cloud and business use ...
If your cloud deployment is on AWS with predictable workloads, Reserved Instances (RIs) can provide ...
Disruption, Innovation, Artificial Intelligence and Machine Learning, Leadership and Management hear...
We build IoT infrastructure products - when you have to integrate different devices, different syste...
Consumer-driven contracts are an essential part of a mature microservice testing portfolio enabling ...