Three critical Java flaws

JRE, Sun's Java Runtime Environment, has serious security flaws which allow remote attackers to execute applications on a system, Sun warned. The bugs are already patched in a new release, and affect Windows, Unix and Linux platforms. The Java Software Development Kit (SDK) is also affected. Sun outlined three separate vulnerabilities, each of which could independently allow a specially crafted Java applet, for example embedded in a Web page, to escalate its privileges. That could allow the applet to read and write local files and execute applications accessible to the user running the applet, with the user's privileges.

Secunia and FrSIRT, which maintain vulnerabilities databases, gave the vulnerabilities serious ratings. Three critical Java flaws - Xatrix Security

Linked by shanmuga Wednesday, 30th November 2005 5:27AM