Language Selection

English French German Italian Portuguese Spanish

Java flaws open door to hackers

Filed under
Security

The flaws are "highly critical," security monitoring company Secunia said in an advisory posted Tuesday. Flaws that get that ranking--one notch below Secunia's most severe "extremely critical" rating--are typically remotely exploitable and can lead to full system compromise.

Both flaws affect the Java Runtime Environment, or JRE. This is the Java software many computer users have on their system to run Java applications. The bugs could allow a Java application to read and write files or execute applications on a victim's computer, Sun said in two separate security advisories released Monday.

One is a general flaw in the JRE, while the other is specific to Java Web Start, a technology to load Java applications over a network such as the Internet.

The flaws could be exploited through a malicious Web site, according to alerts from the French Security Incident Response Team, which rates both issues "critical."

JRE is part of Sun's Java 2 Platform Standard Edition, or J2SE. Both flaws affect J2SE 5.0 and 5.0 Update 1 for Windows, Solaris and Linux. The general JRE flaw also affects J2SE 1.4.2_07 and earlier 1.4.2 releases for those operating systems, Sun said.

The Santa Clara, Calif.-based company is urging people to install updated software to protect against possible exploitation of the security flaws. It has released two software updates to address the issues: J2SE 5.0 Update 2, which has actually been available since February, and J2SE 1.4.2_08, which was released recently, company representatives said. The software can be downloaded from the Java.com Web site.

Sun said it wasn't aware of any exploits or attacks using the flaws.

Source.

More in Tux Machines

Why Intel Invests in Open Source [VIDEO]

Few if any companies in the world today are as deeply involved in open source work as tech giant Intel. Helping to lead Intel's open source efforts is Imad Sousou, VP in Intel's Software and Services Group and GM of the Intel Open Source Technology Center Read more

AMD Catalyst 15.5 Linux Video Driver Supports SUSE Linux Enterprise Desktop 12

AMD finally updated their graphics driver for Linux platforms to version 15.5, a release that introduces support for the SUSE Linux Enterprise Desktop (SLED) 12 operating system. Read more

Debunking the Myths of the Open Source Community

The Linux operating system is the most popular open-source software in the world and has been ported to more computer hardware platforms than any other operating system. Readers will know the story of the underdog who rose to become the world’s leading server operating system. Android especially, a Linux derivative, has caused a stir in recent years with two out of three tablets and 75 percent of all smartphones using the Linux derivative operating system. Read more

Firefox Puts You in Control of Your Online Life

We created Firefox to give people choice and control of their Web experience and we’re always adding more ways to personalize your Firefox. Firefox is made by a non-profit organization and a global community dedicated to Mozilla’s mission of promoting openness, innovation and opportunity online. Read more