Java flaws haunt Mac OS X Staff

Attackers could exploit several Java-based flaws in Mac OS X to bypass certain security programs, launch cross-site scripting assaults or cause a denial of service, Apple says.

Danish vulnerability clearinghouse Secunia said in its SA28115 advisory

    Requires Free Membership to View

that an error in Java is caused by improper access checks, and that attackers could exploit it to add or remove items from a user's keychain without prompting the user via a specially crafted Java applet. Other vulnerabilities in Java 1.4 and J2SE 5.0 can be exploited to bypass certain security restrictions, conduct cross-site scripting attacks, cause a denial of service or compromise a user's machine.

Apple recommended in its advisory that users upgrade to Java Release 6 for Mac OS X 10.4.

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: