[virusinfo] Vulnerability in Java Runtime Environment - 6-16-05

• From: "Mike" <mikebike@xxxxxxxxx>
• To: virusinfo@xxxxxxxxxxxxx
• Date: Thu, 16 Jun 2005 11:09:39 -0700

From; Panda Oxygen3 24h-365d wrote:

"All good books have one thing in common - they
       are truer than if they had really happened." 
        Ernest Hemingway (1889-1961) US novelist.

      - Vulnerability in Java Runtime Environment -
 Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)

Madrid, June 16, 2005 - Sun has reported, at
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101749-1, that a
critical vulnerability has been detected in Java Runtime Environment, which
could be exploited through untrusted applets to elevate privileges.

The vulnerability could allow a website to host Java applets that, when
view, could get around the security policies in affected systems. The
applets could read and write files on vulnerable systems or run local
applications with the same privileges as the user running the malicious
applet.

The versions affected by this vulnerability are J2SE 1.4.2_07 and earlier
for Windows, Solaris and Linux, and Java 2 Platform Standard Edition(J2SE)
5.0 and 5.0 Update 1 for Windows, Solaris and Linux.

To prevent this exploit, it is recommendable to update to the new versions:

Java 2 Platform Standard Edition(J2SE) 5.0 Update 2:
http://java.sun.com/j2se/1.5.0/download.jsp 

J2SE 1.4.2_08: http://java.sun.com/j2se/1.4.2/download.html

NOTE: The addresses above may not show up on your screen as single lines.
This would prevent you from using the links to access the web pages. If
this happens, just use the 'cut' and 'paste' options to join the pieces of
the URL.

------------------------------------------------------------ 

The 5 viruses most frequently detected by Panda ActiveScan, Panda
Software's free online scanner: 1) Mhtredir.gen; 2) Netsky.P; 3) Sdbot.ftp;
4) Qhost.gen; 5) Sdbot.DYO.

------------------------------------------------------------

To contact with Panda Software, please visit:
http://www.pandasoftware.com/about/contact/
------------------------------------------------------------

*********** MIKE"S REPLY SEPARATOR  ***********
Mike ~ It is a good day if I learned something new.
Editor MikesWhatsNews see a sample on my web page
http://www3.telus.net/mikebike
<mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe>
http://www3.telus.net/mikebike/worm_removal.htm
See my Anti-Virus pages  http://virusinfo.hackfix.org/index
<virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe>
A Technical Support Alliance  and OWTA Charter Member 

Other related posts:

• » [virusinfo] Vulnerability in Java Runtime Environment - 6-16-05

1. Home
2. virusinfo
3. Archive
4. 06-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---