JoWie Posted January 23, 2007 Report Posted January 23, 2007 Just letting you all know: http://isc.sans.org/diary.html?storyid=2088Systems AffectedSun Java Runtime Environment versions * JDK and JRE 5.0 Update 9 and earlier * SDK and JRE 1.4.2_12 and earlier * SDK and JRE 1.3.1_18 and earlier Overview The Sun Java Runtime Environment contains multiple vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.Fixed in JRE Version 5.0 Update 10 You should remove all old JRE versions since a java applet may request a version. When installing a new JRE version, the old version does NOT get removed, including java auto update. Working exploits already exist.
Recommended Posts