Java Users at Risk

'Highly critical' vulnerabilities affect older versions of the JRE.


You Can't Detect What You Can't See: Illuminating the Entire Kill Chain

On-Demand Webinar

There are a number of really good reasons to update to the latest version of Java. Not the least of which is the fact that older versions of the Java Runtime Environment have now been reported to be at risk from seven highly critical vulnerabilities.

Sun advisory number 102171 describes the vulnerabilities and is titled, "Security Vulnerabilities in the Java Runtime Environment may Allow an Untrusted Applet to Elevate its Privileges."

According to security firm Secunia, various unspecified errors in the "reflection" APIs cause the vulnerabilities, which could lead to a system compromise.

Sun's advisory does not specify what the actual errors are. A Sun spokesperson was not immediately available for comment.

The first advisories related to the vulnerabilities in the "reflection" APIs date back to at least November when the company issued Sun Alert ID: 102003, which identified three vulnerabilities.

IBM issued its own "technote faq" in December.

This article was first published on InternetNews.com. To read the full article, click here.

Comment and Contribute


(Maximum characters: 1200). You have characters left.



IT Management Daily
Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that datamation.com may send you Datamation offers via email, phone and text message, as well as email offers about other products and services that Datamation believes may be of interest to you. Datamation will process your information in accordance with the Quinstreet Privacy Policy.