« Skype Says " Your OS Ate My P2P " | Main | A Quote by Thomas Jefferson »

Sun JRE Font Parsing Vulnerability

Sun JRE Font Parsing Vulnerability

HIGHLY CRITICAL
Description:
A vulnerability has been reported in Sun JRE, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error in the parsing of fonts contained in Java applets. This can be exploited by malicious, untrusted applets to read and write local files, or to execute local applications.

The vulnerability is reported in the following products:
* JDK and JRE 5.0 Update 9 and earlier
* SDK and JRE 1.4.2_14 and earlier

Solution:
Update to the latest versions or apply patches:

JDK and JRE 5.0 Update 10 or later
http://java.sun.com/j2se/1.5.0/download.jsp

SDK and JRE 1.4.2_15 or later
http://java.sun.com/j2se/1.4.2/download.html

Why am I not surprised that there's another issue with applets and Sun's java runtime ?
And remember, bunkies, the java autoupdater does not remove older, vulnerable versions !
One must uninstall it/them from Add/Remove Programs in the Control Panel on Windows OS'.

Posted by MowGreen on August 23, 2007 2:12 PM |

TrackBack

TrackBack URL for this entry:
http://busterbunny.castlecops.com/MT/mt-tb.cgi/1160

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)