Yesterday Sun released an advisory pertaining to Sun Java. It turns out that there are several problems with it that can result in bypass, information disclosure and denial of service to name a few.
From US-CERT:
Sun has released updates for Java SE. These updates address multiple vulnerabilities in Java Runtime Environment (JRE), Java Web Start, Java Management Extensions (JMX), JDK, and Java Runtime Environment Virtual Machine. These vulnerabilities may allow a remote attacker to execute arbitrary code, bypass security restrictions, obtain sensitive information or cause a denial-of-service condition.
Follow the link for the Sun Alert links. There are patches available.
UPDATE: For more on this check out John Heasman’s blog posting. I should have known he had some hand in this.
🙂
