David Ansermot Web Developer / TYPO3 Integrator

Java vulnerabilities, already patched by Oracle !

Vulnerabilities have been discovered in Java.

According to the official document of the alert, the vulnerabilities are:

- An error in the code of the class HeadspaceSoundbank can cause a buffer overflow via a specially crafted file Soundbank;
- An error in the processing of images can cause a buffer overflow via a specially crafted Java applet;
- Several other unspecified vulnerabilities exist in Oracle Java components.

These flaws could allow remote execution of malicious code or open a door to a denial of service attack. Confidential records are no longer protected optimally.

The JVM impacted are:
- Java SE JDK / JRE 6 Update 18 and earlier for Windows, Solaris, and Linux;
- Java SE JDK 5.0 Update 23 and earlier for Solaris;
- Java SE SDK 1.4.2_25 and earlier for Solaris;
- Java for Business, JDK / JRE 6 Update 18 and earlier for Windows, Solaris, and Linux;
- Java for Business, JDK / JRE 5.0 Update 23 and earlier for Windows, Solaris, and Linux;
- Java for Business, SDK / JRE 1.4.2_25 and earlier for Windows, Solaris, and Linux.

These reports were confirmed by Oracle that provides security updates to this address.

Source : CERTA alert

Posts that maybe you want to read ::

• Oracle confirms the arrival of JDK 7
• Microsoft will release this afternoon urgent patch for Internet Explorer, which corrects several security vulnerabilities
• Sun VirtualBox 3.1.6 update
• A critical flaw found in Flash Player and Acrobat
• Sun Ray 5.1 available