Sun Microsystems announced two new security updates this morning.
Security Vulnerability in Mozilla 1.7 May Allow Arbitrary JavaScript Commands to be Run
This update affects Mozilla 1.7 for Solaris 8, 9, and 10 on SPARC and X86 platforms. An attacker could use a web site or email to execute arbitrary JavaScript as the local user (CVE-2006-5463). Although there is no final resolution, Sun recommends disabling JavaScript.
JSP Source Code Exposure Issue on Windows Platform Affects Sun Java System Application Server
This update addresses a vulnerability in Sun Java System Application Server in Windows. An attacker may be able to gain access to JSP source code. Sun has made patches available to fix the problem.
Get Slaptijack updates delivered to your Inbox or RSS Reader for free!
Leave a Reply