• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Sun Java Web Start Unspecified Privilege Escalation Vulnerability

Solution:
The vendor has released upgraded versions of the affected software as well as Sun Alert ID 101748 to address this issue. Please see the referenced alert for more information.

Further analysis has revealed that Gentoo advisory GLSA 200506-14 does not apply to this BID. The advisory is being removed.

Slackware has released advisory SSA:2005-170-01 to address this issue. Please see the referenced advisory for more information.

HP has released advisory HPSBUX01214 (SSRT051003 rev.0 - HP-UX Java Web Start remote unauthorized privileged access) to address this issue in HP-UX B.11.11 and HP-UX B.11.23. Please see the referenced advisory for more information.


Sun Java 2 Runtime Environment 1.4.2 _03

• Sun J2SE 5.0 (1.5.0) Update 2
  http://java.sun.com/j2se/1.5.0/index.jsp

Sun Java 2 Runtime Environment 1.5

• Sun J2SE 5.0 (1.5.0) Update 2
  http://java.sun.com/j2se/1.5.0/index.jsp

Sun Java 2 Standard Edition SDK 1.5 _01

• Sun J2SE 5.0 (1.5.0) Update 2
  http://java.sun.com/j2se/1.5.0/index.jsp

Sun JRE (Linux Production Release) 1.5 _01

• Sun J2SE 5.0 (1.5.0) Update 2
  http://java.sun.com/j2se/1.5.0/index.jsp

Sun Java 2 Standard Edition SDK 1.5

• Sun J2SE 5.0 (1.5.0) Update 2
  http://java.sun.com/j2se/1.5.0/index.jsp