Oracle Java SE and Java for Business CVE-2011-0863 Remote Code Execution Vulnerability

Oracle Java SE and Java for Business are prone to a remote code-execution vulnerability in the Java Runtime Environment. This issue affects the Deployment sub-component. Specifically, commands may be injected to the Web Start process.

The vulnerability can be exploited over multiple protocols.

Attackers can exploit this issue by enticing an unsuspecting user to visit a specially crafted webpage. A successful exploit will result in arbitrary code being executed in the context of the user running the Web Start process. Failed exploit attempts will likely result in denial-of-service conditions.

This vulnerability affects the following supported versions:

6 Update 25


 

Privacy Statement
Copyright 2010, SecurityFocus