FYI...
Security Vulns in the JRE Image Parsing Code may Allow a Untrusted Applet to Elevate Privileges
- http://www.sunsolve.sun.com/search/p...=1-26-102934-1
Update Date: Thu May 31 00:00:00 MDT 2007
Relief/Workaround: There is no workaround. Please see Resolution section below.
Resolution: The first issue is addressed in the following releases (for Windows, Solaris, and Linux):
* JDK and JRE 6 Update 1 or later
* JDK and JRE 5.0 Update 11 or later...
Java SE 6 Update 1 is available for download at the following links:
* http://java.sun.com/javase/downloads/index.jsp
J2SE 5.0 is available for download at the following link:
* http://java.sun.com/j2se/1.5.0/download.jsp ...
Note: When installing a new version of the product from a source other than a Solaris patch, it is recommended that the old affected versions be removed from your system..."
> http://www.us-cert.gov/current/#sun_...urity_advisory
June 6, 2007
> http://www.kb.cert.org/vuls/id/138545
Last Updated: 06/06/2007
- http://java.sun.com/javase/6/
"Java SE 6 is the current major release of the Java SE platform... Sun provides some older product and technology releases as a courtesy..."