Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Multiple Vendor Java Web Start Unsigned Application Vulnerability

Multiple Vendor Java Web Start Unsigned Application Vulnerability

by Nikola Strahija on March 21st, 2002 Java Web Start is an application-deployment technology. It is designed to allow users to easily launch, access and download Java applications via a web-page link.


It has been reported that vulnerable versions of Java Web Start may be used to gain unauthorized access to restricted resources. This vulnerability affects how Java Web Start is used to open unsigned applications.

Remote: Yes

Exploit: No

Solution: Sun and HP have released upgrades which rectify this issue.






HP Java Web Start 1.0.00:

HP Upgrade license_webstart_1-0-1-01
http://www.hp.com/products1/unix/java/java2/webstart/downloads/license_webstart_1-0-1-01.html

HP Java Web Start 1.0.1.00:

HP Upgrade license_webstart_1-0-1-01
http://www.hp.com/products1/unix/java/java2/webstart/downloads/license_webstart_1-0-1-01.html

Sun Java Web Start 1.0:

Sun Upgrade Java Web Start 1.0.1_02
http://java.sun.com/cgi-bin/javawebstart-platform.sh?

Sun Upgrade Java 2 SDK, v 1.4
http://java.sun.com/j2se/1.4/

Sun Java Web Start 1.0.1_01:

Sun Upgrade Java Web Start 1.0.1_02
http://java.sun.com/cgi-bin/javawebstart-platform.sh?

Sun Upgrade Java 2 SDK, v 1.4
http://java.sun.com/j2se/1.4/

Sun Java Web Start 1.0.1:

Sun Upgrade Java Web Start 1.0.1_02
http://java.sun.com/cgi-bin/javawebstart-platform.sh?

Sun Upgrade Java 2 SDK, v 1.4
http://java.sun.com/j2se/1.4/







Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »