Sun Microsystems has warned of a security hole in Java that could allow hackers to infiltrate Java environments and execute unauthorised commands.
According to a security bulletin issued by the company this week, Sun said certain versions of the Java Runtime Environment (JRE) could allow malicious Java code to run unauthorised commands.
However, since JRE's default setting prevents unauthorised commands, Sun claimed the exploitation of the vulnerability would be rare.
"It is like leaving your house door open. The default is for you to lock it, but if you leave it open, anyone could get in," said a spokesman, who explained that the flaw could be exploited if permission to execute at least one command is granted.
According to Sun, there have been no reported instances of the hole being exploited but that JRE and Java Developer Kit versions 1.2.2_005 and 1.2.1_003, and earlier releases, could be affected.
The company also warned that the flaw could be exploited in Java implementations from its licencees but said a remedy has been made available to them. However, Sun said Netscape Navigator and Microsoft Internet Explorer, which use Java technology, are not exposed to the vulnerability.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago