Multiple vulnerabilities in Java Runtime Environment

Last Updated on Friday, 02 November 2007 21:30

[Summary]
Several vulnerabilities were reported in Java Runtime Environment (JRE).

 

1) Java Runtime Environment Applet Caching Bug May Let Remote Users Bypass Network Access Controls
An applet caching bug allows a remote applet to make network connections to arbitrary hosts.

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1

2)Java Runtime Environment (JRE) Lets Remote Applets Obscure the Untrusted Applet Warning Banner Display
A remote user can create a specially crafted applet that, when loaded by the target user, will display a window that exceeds the size of the target user's screen so that the normal untrusted applet warning banner is not visible.

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103071-1

3) Java Runtime Environment (JRE) Bugs Let Remote Users Bypass Network Access Restrictions
A remote user can create a specially crafted applet that, when loaded by the target user, will make connections via Java APIs to arbitrary hosts. By creating a specially crafted applet that, when loaded by the target user via a web proxy, will also make connections to arbitrary hosts.

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103078-1

[Solution/Workaround]
Please apply the fixes described in each vulnerability as soon as possible.

[Reference]
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103071-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103078-1

< Prev		Next >