Java Could Allow Untrusted Applets to Elevate Privileges

Five vulnerabilities in Java could allow untrusted applets to elevate privileges, and the applets could then read and write local files and perform other unauthorized actions. Sun Microsystems published three articles (1, 2, 3) that discuss these problems and recommends that people upgrade to Java 2 Platform, Standard Edition (J2SE) Software Developers Kit (SDK) and Java Runtime Environment (JRE) 1.4.2_09, or J2SE Developers Kit (JDK) and JRE 5.0 Update 4 to protect themselves against these vulnerabilities.

IBM also reported that the same vulnerabilities exist in IBM Java SDK. IBM recommends that people upgrade to IBM SDK 1.4.2 Service Release 3 (SR3) or IBM SDK 1.3.1 SR9.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.