Security update for Java2 and the Java2 JRE
(Last modified: 19OCT2005)
solutions Security update for Java2 and the Java2 JRE SuSE Linux Maintenance Web (dc3d9aad7a9a6df3b2a43d6374b3ca9c)
Product(s): Open Enterprise Server
Java Web Start can be exploited remotely due to an error in input validation of tags in JNLP files. An attacker can pass arbitrary command-line options to the virtual machine to disable the sandbox and get access to files (CAN-2005-0836).
The second bug is equal to the first one but can also triggered by untrusted applets (CAN-2005-1974).
rpm -Fvh java2.rpm java2-jre.rpm
Download Source Packages
Download the source code of the patches for maintained products.