JRE version that fix Java Web Start vulnerabilty

Hi to all,

I see this security post:

http://www.frsirt.com/english/advisories/2007/2384

"Sun Java Web Start Arbitrary File Overwrite and Command Execution Vulnerability"

How can I understand if the JRE 1.5.12 fix this security bug?

I have seen on the release notes but I have not seen any reference to it.

Thanks

ken

[365 byte] By [kenshiro2000a] at [2007-11-27 9:32:46]

«« JApplet is not working properly...
»» Exploded EAR deployment supported?

# 1

> How can I understand if the JRE 1.5.12 fix this security bug?The notice you quoted says the affected versions are 'Sun JRE version 5.0 Update 11 and prior'. What is there to understand?

ejpa at 2007-7-12 22:51:55 >

top of Java-index,Security,Other Security APIs, Tools, and Issues...

# 2

FrSIRT is not SUN, so I have to be very secure that in the actual version of 1.5 (1.5.12) this security bug has been fixed.

I am in a production environment and before starting a massive deployment of new JVM version I have to be secure of this.

Thanks

Ken

> > How can I understand if the JRE 1.5.12 fix this

> security bug?

> The notice you quoted says the affected versions are

> 'Sun JRE version 5.0 Update 11 and prior'. What is

> there to understand?

kenshiro2000a at 2007-7-12 22:51:55 >

Java programming resources: FAQs, tutorials, compiler and browser download sites, documentation, books lists, IDEs, etc.

JRE version that fix Java Web Start vulnerabilty

Security Hot Topic

Security

All Classified