TechTarget

Exploit code circulates for Sun's Java

A number of reported vulnerabilities in Sun Microsystems’ Java Runtime Environment (JRE) can now be exploited in the wild as a result of code circulated on the internet.

A number of reported vulnerabilities in Sun Microsystems’ Java Runtime Environment (JRE) can now be exploited in the wild as a result of code circulated on the internet.

The JRE software allows Javascript code to be run on operating systems, including Windows, Linux and Unix.

Sun has already issued patches to close the security holes, but users who have not updated their systems are now vulnerable to the exploit code now said to be circulating.

Internet security firm Secunia issued a report about the flaws at the end of last year.

It said that two errors existed in the JRE which can be exploited by malicious, untrusted applets to allow attackers to read and write local files or to execute local applications.

In addition, Secunia said that two errors related to serialisation existed in the JRE, which could be exploited by a malicious, untrusted applet to elevate privileges.

Users should update their JRE software to the latest version to avoid problems, said Secunia.

Sun promises open source Java

Comment on this article: computer.weekly@rbi.co.uk

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close