Texas A&M AgriLife IT Security
Texas A&M AgriLife IT SecurityLatest IT news & tips to keep your computer safe

Patches for Java issued on August 5 – version 1.6.15

by Leave a Comment

Sun issued a patch to Java on August 5 to address several vulnerabilities. Please make sure your java has downloaded an automatic update to version 1.6.15


http://secunia.com/advisories/36159/
Description:
Some vulnerabilities have been reported in Sun Java, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), or compromise a user’s system.

1) An error in the JRE SOCKS proxy implementation can be exploited by untrusted applets or untrusted Java Web Start applications to obtain the username of the user running the applet or application.

2) An error in the JRE proxy mechanism implementation can be exploited by untrusted applets or untrusted Java Web Start applications to obtain browser cookies.

3) An error in the JRE proxy mechanism implementation can be exploited by untrusted applets or untrusted Java Web Start applications to establish connections to normally restricted hosts.

4) An error in the Microsoft Visual Studio Active Template Library (ATL) used by the Java Web Start ActiveX control can be exploited to execute arbitrary code when a user visits a specially crafted web page.