Sun patches flaw vulnerable to malicious image files

A flaw has been reported in Sun Microsystems Java Runtime Environment that can be exploited by a malicious user to compromise an affected system.

The flaw is caused by an error when processing GIF image files. Attackers can exploit the vulnerability to cause a heap-based buffer overflow through a specially-created malicious image file.

Vulnerability tracking firm Secunia has rated the flaw "highly critical," meaning it can be exploited without user interaction, but there are no known exploits in the wild.

The flaw exists in DJK and JRE Update 9 and earlier, SDK and JRE 1.4.2_12 and earlier and SDK and JRE 1.3.1_18 and earlier, and was first reported to Sun in June, according to 3Com's Zero Day Initiative.

Sun released a patch for the flaw on Tuesday, according to a company security advisory.

Click here to email Online Editor Frank Washkuch Jr.

Global proxy operator IPIDEA denies Google's malicious intent allegations

Why Renew IT Is Different: Where Science, AI and Sustainability Redefine IT Asset Disposition

Why Australia’s Industrial Leaders Are Turning to Dynamic Aspect for Dynamics 365 Business Central

Westpac's Group CTO exits

DTA seeks federal AI oversight committee lead

Sun patches flaw vulnerable to malicious image files

A flaw has been reported in Sun Microsystems Java Runtime Environment that can be exploited by a malicious user to compromise an affected system.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

WhatsApp unveils high-security mode

NSW to overhaul state cyber emergency plan

Google busts giant IPIDEA residential proxy network

Microsoft releases fix for flawed January security update

Most popular tech stories

NSW gov to make AI risk assessments less "subjective"

Australian Public Service plans whole-of-gov "learning technology ecosystem"

Macquarie Bank unveils customer-facing 'Q' AI agent

'Jobs, jobs, jobs' the AI mantra in Davos

Dept of Industry reviews its extended ERP stack

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Photos: IoT Impact 2023 brings together data-enabled productivity, sustainability and trust opportunities

Blackberry celebrates "giant step forward"

IoT Impact: Patrick Bossert to discuss digital twins for Australia's electricity networks

'Touch-free' smartphone controlled with head movements

Photos: The 2024 IoT Awards winners

Global proxy operator IPIDEA denies Google's malicious intent allegations

Why Renew IT Is Different: Where Science, AI and Sustainability Redefine IT Asset Disposition

Why Australia’s Industrial Leaders Are Turning to Dynamic Aspect for Dynamics 365 Business Central

Westpac's Group CTO exits

DTA seeks federal AI oversight committee lead

Sun patches flaw vulnerable to malicious image files

A flaw has been reported in Sun Microsystems Java Runtime Environment that can be exploited by a malicious user to compromise an affected system.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

WhatsApp unveils high-security mode

NSW to overhaul state cyber emergency plan

Google busts giant IPIDEA residential proxy network

Microsoft releases fix for flawed January security update

Most popular tech stories

NSW gov to make AI risk assessments less "subjective"

Australian Public Service plans whole-of-gov "learning technology ecosystem"

Macquarie Bank unveils customer-facing 'Q' AI agent

'Jobs, jobs, jobs' the AI mantra in Davos

Dept of Industry reviews its extended ERP stack

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Photos: IoT Impact 2023 brings together data-enabled productivity, sustainability and trust opportunities

Blackberry celebrates "giant step forward"

IoT Impact: Patrick Bossert to discuss digital twins for Australia's electricity networks

'Touch-free' smartphone controlled with head movements

Photos: The 2024 IoT Awards winners

Log In