All the latest UK technology news, reviews and analysis

Java flaw exposed

by Linda Leung in Silicon Valley

23 Feb 2001

Be the first to comment

  • Tweet this

Sun Microsystems has warned of a security hole in Java that could allow hackers to infiltrate Java environments and execute unauthorised commands.

According to a security bulletin issued by the company this week, Sun said certain versions of the Java Runtime Environment (JRE) could allow malicious Java code to run unauthorised commands.

Further reading

However, since JRE's default setting prevents unauthorised commands, Sun claimed the exploitation of the vulnerability would be rare.

"It is like leaving your house door open. The default is for you to lock it, but if you leave it open, anyone could get in," said a spokesman, who explained that the flaw could be exploited if permission to execute at least one command is granted.

According to Sun, there have been no reported instances of the hole being exploited but that JRE and Java Developer Kit versions 1.2.2_005 and 1.2.1_003, and earlier releases, could be affected.

The company also warned that the flaw could be exploited in Java implementations from its licencees but said a remedy has been made available to them. However, Sun said Netscape Navigator and Microsoft Internet Explorer, which use Java technology, are not exposed to the vulnerability.

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

Security padlock image

Mykonos looks to thwart hacker intelligence with Web Security Software

Related white papers

Related articles

Related jobs

Today's top stories

Cloud computing use is a major government IT strategy

Government departments face possibility of open source 'spot checks'

Samsung Galaxy S III running Android Ice Cream Sandwich

Samsung Galaxy S3 launch fails to attract iPhone-like crowds

hurricane-irene

American Express predicts online hurricane to blow big business away

Poll

Flame virus poll

Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?

28%

2%

13%

57%

Features

The V3 hotseat

The V3 Hot Seat: Imperva CTO and co-founder Amichai Shulman

Flame in monitor screen

Quick guide to Flame malware attack

cookies

Quick guide to cookie law compliance

cookie

ICO sends out mixed messages on cookie law

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Riso

Colour printing: why the bill keeps outstripping the budget

The wrong printers, for the wrong tasks on the wrong contracts

Qlikview

Magic quadrant for business intelligence platforms

Who leads the BI pack and who should we be watching out for?

Technology jobs

X2 PMO lead, Investment Banking, London up to £495 per day

X2 PMO lead, Investment Banking, London up to £495 per...

SEO analyst - Retail ecommerce - Hertfordshire. £35-55k

SEO analyst - Retail E-commerce - c35-55k - Hertfordshire...

ICT Technician

ICT Technician Leicester £10,000 per annum...

Oracle Performance Tuning, Oracle, Engineering

Oracle Performance Tuning, Oracle, Tuning, Engineering...

To send to more than one email address, simply separate each address with a comma.