Critical vulnerabilities covered by urgent patches.
Sun Microsystems
has issued a series of patches to fix several vulnerabilities in its popular
Java
software. Successful exploitation of the flaws could allow remote access to systems and data.
The string of flaws affect various versions of
Java Runtime Environment
(
JRE
),
Java Web Start
and other implementations, on
Linux
and
Solaris
platforms as well as
Windows
. They could allow unauthorised access to network services as well as web pages and local files, allowing spam relaying, cross-site scripting, data harvesting and possibly complete system compromise.
Users are, as always, advised to ensure their software is fully patched and up to date. Details of all the vulnerabilities, along with links to the appropriate patches and upgrades, are on the
Sun
security blog
here
. A summary of the issues at
Secunia
is
here
.
Posted on 05 October 2007 by
Virus Bulletin
Leave a Reply