Site Network: | | Jongsma & Jongsma

Security for All

Sûnnet Beskerming is a company with a focus and a drive to provide Information Security services for all those who want to stay safe and secure in an online world.

Username: | Password: Contact us to request an account

Java - Remote hacker automatic control

Version: J2SE
Technical Details:

Java Web Start may provide access to overwrite local files and pass control of the system to a remote attacker that has convinced a user to interact with a malicious Java application via the Internet. Arbitrary code execution is possible within the context of the local user.

Specifically, JDK, JRE 5.0 Update 11 and earlier, and SDK, JRE 1.4.2_13 and earlier are vulnerable on Windows platforms.


Late last week a set of vulnerabilities affecting Java Web Start in J2SE were disclosed and patched by Sun. These vulnerabilities can lead to situations where a remote attacker is able to take control of the victim's system in the context of the current victim's privilege level.

Of note, JDK and JRE 6, Solaris, and Linux versions of J2SE are not vulnerable to these issues.


Apply the updates for J2SE at the earliest opportunity




External Tracking Data:

Sun Alert ID: 102957

Social bookmark this page