Updating sun java
This includes both code snippets embedded in the card text and code that is included as a file attachment.
Excepted from this license are code snippets that are explicitely marked as citations from another source.
Before Firefox can run Java applets you must have the Java plugin properly installed and enabled.
An attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted '.jnlp' file.
Users who have Java SE 6 Update 11 have the latest security fixes and do not need to upgrade to this release to be current on security fixes..." Bug Fixes: 140 FYI... It will automatically configure Sun Java to prevent the old OSI applet from running (by enabling the certificate revocation checks described below).
Sun Java SE Runtime Environment JRE 6 Update 13 released - 24, 2009 Release Notes - Alternatively, you may remove the trust relationship to the old Secunia certificate and / or manually enable the following Sun Java security settings: "Check publisher certificate for revocation" "Enable online certificate validation" Technical Background The problem in Sun Java, which affects the Secunia OSI and other signed applets, will be presented at a security conference on 16/10/2008.
Sun Java Runtime Environment is prone to a stack-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it into an insufficiently sized buffer.
Specifically, the vulnerability resides in the Java Web Start utility 'javaws.exe'.