sdkp1-java-1_4_2-ibmSecurity update for IBM JavaSecurity update for IBM JavaThe IBM Java JRE/SDK has been brought to release 1.4.2 SR
containing several bugfixes, including following security
fixes:
CVE-2007-0243: A buffer overflow vulnerability in the
Java(TM) Runtime Environment may allow an untrusted applet
to elevate its privileges. For example, an applet may grant
itself permissions to read and write local files or execute
local applications that are accessible to the user running
the untrusted applet.
CVE-2006-6737/CVE-2006-6736: Two vulnerabilities in the
Java Runtime Environment may independently allow an
untrusted applet to access data in other applets.
CVE-2006-6745: Two vulnerabilities in the Java(TM) Runtime
Environment with serialization may independently allow an
untrusted applet or application to elevate its privileges.
The IBM Java JRE/SDK has been brought to release 1.4.2 SR
containing several bugfixes, including following security
fixes:
CVE-2007-0243: A buffer overflow vulnerability in the
Java(TM) Runtime Environment may allow an untrusted applet
to elevate its privileges. For example, an applet may grant
itself permissions to read and write local files or execute
local applications that are accessible to the user running
the untrusted applet.
CVE-2006-6737/CVE-2006-6736: Two vulnerabilities in the
Java Runtime Environment may independently allow an
untrusted applet to access data in other applets.
CVE-2006-6745: Two vulnerabilities in the Java(TM) Runtime
Environment with serialization may independently allow an
untrusted applet or application to elevate its privileges.
securityjava-1_4_2-ibmx86_64a03826a21d50450c59a6dea48700c5d44e4b73e3java-1_4_2-ibm-develx86_64f3d6144efb4ca053f263e57ee41c4b5943a6ffec