Sun patches GIF vulnerability in Java

By Justin Mann on January 18, 2007, 11:23 AM
A critical flaw in Sun's Java Runtime Environment has been patched by Sun. The vulnerability, which we heard about a few weeks ago, related to the JRE's handling of GIF images and could lead to system compromise:

The security flaws could allow an attacker to gain control of a user's system via an untrusted Java applet, which in turn could allow attackers to grant themselves permission to read and write local files or execute applications on the user's computer, according to an advisory issued by Secunia on Wednesday.
While the exploit does require some user intervention (namely, visiting a malicious site), it's still dangerous and if you are using a vulnerable version it's in your best interest to patch. If you are using JRE version 1.3.1._18, whether Windows or Linux, you are vulnerable to this particular exploit.




Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.