Language Selection

English French German Italian Portuguese Spanish

Java flaws open door to hackers

Filed under

The flaws are "highly critical," security monitoring company Secunia said in an advisory posted Tuesday. Flaws that get that ranking--one notch below Secunia's most severe "extremely critical" rating--are typically remotely exploitable and can lead to full system compromise.

Both flaws affect the Java Runtime Environment, or JRE. This is the Java software many computer users have on their system to run Java applications. The bugs could allow a Java application to read and write files or execute applications on a victim's computer, Sun said in two separate security advisories released Monday.

One is a general flaw in the JRE, while the other is specific to Java Web Start, a technology to load Java applications over a network such as the Internet.

The flaws could be exploited through a malicious Web site, according to alerts from the French Security Incident Response Team, which rates both issues "critical."

JRE is part of Sun's Java 2 Platform Standard Edition, or J2SE. Both flaws affect J2SE 5.0 and 5.0 Update 1 for Windows, Solaris and Linux. The general JRE flaw also affects J2SE 1.4.2_07 and earlier 1.4.2 releases for those operating systems, Sun said.

The Santa Clara, Calif.-based company is urging people to install updated software to protect against possible exploitation of the security flaws. It has released two software updates to address the issues: J2SE 5.0 Update 2, which has actually been available since February, and J2SE 1.4.2_08, which was released recently, company representatives said. The software can be downloaded from the Web site.

Sun said it wasn't aware of any exploits or attacks using the flaws.


More in Tux Machines

Learning The Linux File System

Before we get started, let’s avoid any confusion. There are two meanings to the term “File System” in the wonderful world of computing: First, there is the system of files and the directory structure that all of your data is stored in. Second, is the format scheme that is used to write data on mass storage devices like hard drives and SSD’s. We are going to be talking about the first kind of file system here because the average user will interact with his or her file system every time they use a computer, the format that data is written in on their storage devices is usually of little concern to them. The many different file systems that can be used on storage is really only interesting to hardware geeks and is best saved for another discussion. Now that that’s cleared up, we can press on. (Read the rest at Freedom Penguin)

today's howtos

Red Hat and Fedora

FreeNAS 10 Enters Alpha, Brings Lots of New Technologies, Based on FreeBSD 10.2

FreeNAS' Jordan Hubbard was proud to announce the other day, October 8, the release and immediate availability for download of the first Alpha build of the upcoming FreeNAS open source Network Attached Storage (NAS) solution. Read more