Vulnerability in Sun Java Discovered

On Friday two advisories were released about a serious Java vulnerability that opens current versions of Windows and Linux up to web based attacks.

Tavis Ormandy of Google and Ruben Santamarta both discovered the flaw independently. Ormandy notified Sun of the flaw and when Sun decided not to patch right away, published an advisory with a work around for the issue.

According to ZDNET Zero day the flaw occurs:

 “…because the Java-Plugin Browser is running “javaws.exe” without validating command-line parameters. These parameters can be controlled by attackers via specially crafted embed HTML tags within a Web page,” Santamarta warned.

For more information and a temporary solution see the full ZDNET Zero Day article.

~ by D. Dieterle on April 11, 2010.

One Response to “Vulnerability in Sun Java Discovered”

  1. […] This post was mentioned on Twitter by Hacker Safe. Hacker Safe said: Vulnerability in Sun Java Discovered « CYBER ARMS – Computer Security: On Friday two advisories were released a.. http://tinyurl.com/ydndmmp […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: