Easy to Learn Java: Programming Articles, Examples and Tips

Start with Java in a few days with Java Lessons or Lectures

Home

Code Examples

Java Tools

More Java Tools!

Java Forum

All Java Tips

Books

Submit News
Search the site here...
Search...
 
Search the JavaFAQ.nu
1000 Java Tips ebook

1000 Java Tips - Click here for the high resolution copy!1000 Java Tips - Click here for the high resolution copy!

Java Screensaver, take it here

Free "1000 Java Tips" eBook is here! It is huge collection of big and small Java programming articles and tips. Please take your copy here.

Take your copy of free "Java Technology Screensaver"!.

The Java Web Start is vulnerable: Unauthorized Access!!

JavaFAQ Home » Security Go to all tips in Security


Bookmark and Share

Security Vulnerability With Java Web Start Related to Incorrect Use of System Classes!

Sun Java Web Start is vulnerable and may allow remote attackers to gain unauthorized access to a vulnerable computer!!!

A security vulnerability in Java Web Start may allow an untrusted application to elevate its privileges. For example, an application may grant itself permissions to read and write local files that are accessible to the user running the Java Web Start application.

Read more below...

To workaround the problem, you should not lunch untrusted applications with Java Web Start. You can even temporarily disable the use of Java Web Start.

To prevent any Java applications from being automatically launched from a web browser follow the next steps:

For Mozilla:

1. Edit --> Preferences
2. Then select "Helper Applications" located in the "Navigator" category
3. In the "Files types" window, scroll until you locate "application/x-java-jnlp-file"
4. Remove "application/x-java-jnlp-file".

For Internet Explorer (IE):

1. Open File Explorer.
2. Tools -->Folder Options
3. Select the "File Types"
4. In the "Registered File Types" window, scroll down, locate and select the "JNL - JNLP File"
5. Click the "Delete" button to remove the "JNL - JNLP File"

Also remove shortcuts to unknown Java applications from your desktop or start menu.

Affected Java versions

Sun SDK (Windows Production Release) 1.4.2 _08
Sun SDK (Windows Production Release) 1.4.2 _05
Sun SDK (Windows Production Release) 1.4.2 _04
Sun SDK (Windows Production Release) 1.4.2 _03
Sun SDK (Windows Production Release) 1.4.2
Sun SDK (Windows Production Release) 1.4.2
Sun SDK (Windows Production Release) 1.4.2
Sun SDK (Windows Production Release) 1.4.2
Sun SDK (Windows Production Release) 1.4.2
Sun SDK (Windows Production Release) 1.4.2
Sun SDK (Solaris Production Release) 1.4.2 _08
Sun SDK (Solaris Production Release) 1.4.2 _05
Sun SDK (Solaris Production Release) 1.4.2 _04
Sun SDK (Solaris Production Release) 1.4.2 _03
Sun SDK (Solaris Production Release) 1.4.2
Sun SDK (Solaris Production Release) 1.4.2
Sun SDK (Solaris Production Release) 1.4.2
Sun SDK (Solaris Production Release) 1.4.2
Sun SDK (Solaris Production Release) 1.4.2
Sun SDK (Solaris Production Release) 1.4.2
Sun SDK (Linux Production Release) 1.4.2 _08
Sun SDK (Linux Production Release) 1.4.2 _05
Sun SDK (Linux Production Release) 1.4.2 _04
Sun SDK (Linux Production Release) 1.4.2 _03
Sun SDK (Linux Production Release) 1.4.2 _02
Sun SDK (Linux Production Release) 1.4.2 _01
Sun SDK (Linux Production Release) 1.4.2
Sun SDK (Linux Production Release) 1.4.2
Sun SDK (Linux Production Release) 1.4.2
Sun SDK (Linux Production Release) 1.4.2
Sun SDK (Linux Production Release) 1.4.2
Sun SDK (Linux Production Release) 1.4.2
Sun JRE (Windows Production Release) 1.4.2 _12
Sun JRE (Windows Production Release) 1.4.2 _06
Sun JRE (Windows Production Release) 1.4.2 _05
Sun JRE (Windows Production Release) 1.4.2 _04
Sun JRE (Windows Production Release) 1.4.2 _03
Sun JRE (Windows Production Release) 1.4.2 _02
Sun JRE (Windows Production Release) 1.4.2 _01
Sun JRE (Windows Production Release) 1.4.2
Sun JRE (Windows Production Release) 1.4.2
Sun JRE (Windows Production Release) 1.4.2
Sun JRE (Windows Production Release) 1.4.2
Sun JRE (Windows Production Release) 1.4.2
Sun JRE (Windows Production Release) 1.4.2
Sun JRE (Windows Production Release) 1.4.2
Sun JRE (Solaris Production Release) 1.4.2 _12
Sun JRE (Solaris Production Release) 1.4.2 _06
Sun JRE (Solaris Production Release) 1.4.2 _05
Sun JRE (Solaris Production Release) 1.4.2 _04
+ Opera Software Opera Web Browser 7.54
Sun JRE (Solaris Production Release) 1.4.2 _03
Sun JRE (Solaris Production Release) 1.4.2 _02
Sun JRE (Solaris Production Release) 1.4.2 _01
Sun JRE (Solaris Production Release) 1.4.2
Sun JRE (Solaris Production Release) 1.4.2
Sun JRE (Solaris Production Release) 1.4.2
Sun JRE (Solaris Production Release) 1.4.2
Sun JRE (Solaris Production Release) 1.4.2
Sun JRE (Solaris Production Release) 1.4.2
Sun JRE (Solaris Production Release) 1.4.2
Sun JRE (Linux Production Release) 1.4.2 _12
Sun JRE (Linux Production Release) 1.4.2 _06
Sun JRE (Linux Production Release) 1.4.2 _05
Sun JRE (Linux Production Release) 1.4.2 _04
+ Opera Software Opera Web Browser 7.54
Sun JRE (Linux Production Release) 1.4.2 _03
Sun JRE (Linux Production Release) 1.4.2 _02
Sun JRE (Linux Production Release) 1.4.2 _01
Sun JRE (Linux Production Release) 1.4.2
Sun JRE (Linux Production Release) 1.4.2
Sun JRE (Linux Production Release) 1.4.2
Sun JRE (Linux Production Release) 1.4.2
Sun JRE (Linux Production Release) 1.4.2
Sun JRE (Linux Production Release) 1.4.2
Sun JRE (Linux Production Release) 1.4.2
Sun Java 2 Runtime Environment 5.0.Update 9
Sun Java 2 Runtime Environment 5.0.Update 10
Sun Java 2 Runtime Environment 5.0 Update 8
Sun Java 2 Runtime Environment 5.0 Update 7
Sun Java 2 Runtime Environment 5.0 Update 6
Sun Java 2 Runtime Environment 5.0 Update 5
Sun Java 2 Runtime Environment 5.0 Update 4
Sun Java 2 Runtime Environment 5.0 Update 3
Sun Java 2 Runtime Environment 5.0 Update 2
Sun Java 2 Runtime Environment 5.0 Update 1
Sun Java 2 Runtime Environment 5.0

Not affected Java versions:

Sun SDK (Windows Production Release) 1.4.2
Sun SDK (Solaris Production Release) 1.4.2
Sun SDK (Linux Production Release) 1.4.2
Sun JRE (Windows Production Release) 1.4.2
Sun JRE (Solaris Production Release) 1.4.2
Sun JRE (Linux Production Release) 1.4.2
Sun Java 2 Runtime Environment 5.0 Update 11


 Printer Friendly Page  Printer Friendly Page
 Send to a Friend  Send to a Friend

.. Bookmark and Share

Search here again if you need more info!
Custom Search



Home Code Examples Java Forum All Java Tips Books Submit News, Code... Search... Offshore Software Tech Doodling

RSS feed Java FAQ RSS feed Java FAQ News     

    RSS feed Java Forums RSS feed Java Forums

All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest 1999-2006 by Java FAQs Daily Tips.

Interactive software released under GNU GPL, Code Credits, Privacy Policy