Flaw found in Sun Java software

Sun Microsystems announces a "moderately critical" flaw in its Java software that a remote attacker could use to cause a denial-of-service attack.

Sun Microsystems recommends updating to SDK and JRE 1.4.2_04 or later releases to correct a "moderately critical" flaw in its Java software that a remote attacker could use to cause a denial-of-service attack.

The Java runtime environment vulnerability "may allow a remote unprivileged user to cause the Java Virtual Machine to become unresponsive," resulting in a DoS attack, the company said in an advisory on its Web site.

The advisory identifies Windows, Solaris and Linux programs that use the SDK and JRE 1.4.2_03 or earlier 1.4.2 releases as those at risk. The advisory said releases prior to 1.4.2 are not affected.

Sun announced the flaw May 6, but provided few details. There is no workaround, upgrading is the only solution.

Sun advisory

Dig deeper on Security Resources

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close