Sun Releases Information on J2SE Vulnerabilities

The Sun Security Community blog has released information on 11 areas of vulnerabilities against Java 2 Platform, Standard Edition. Some of the vulnerabilities can be considered quite important. In each area a workaround has been created.

On October 3rd

• Sun Alert 103071 Java Runtime Environment (JRE) May Allow Untrusted Applets or Applications to Display An Oversized Window so that the Warning Banner is Not Visible to User

• Sun Alert 103072 An Untrusted Java Web Start Application or Java Applet May Move or Copy Arbitrary Files by Requesting the User to Drag and Drop a File from Application or Applet Window to a Desktop Application

• Sun Alert 103073 Multiple Security Vulnerabilities in Java Web Start Relating to Local File Access

Details of the alerts and their workarounds are available at http://blogs.sun.com/security/date/20071003

On October 9th

• Sun Alert 103078 Security Vulnerability in Java Runtime Environment May Allow Network Access Restrictions to be Circumvented
• Sun Alert 103079 Security Vulnerability in Java Runtime Environment With Applet Caching May Allow Network Access Restrictions to be Circumvented

Details of the alerts and their workarounds are available at http://blogs.sun.com/security/date/20071009