There is a significant Sun security advisory posted regarding a problem with the Java Runtime Environment (JRE). This could lead to remote compromise on affected systems.
From Sun:
Sun(sm) Alert Notification
* Sun Alert ID: 103024
* Synopsis: Vulnerability in the Java Runtime Environment Font Parsing Code may Allow an Untrusted Applet to Elevate Privileges
* Category: Security
*
Product: Java 2 Platform, Standard Edition
* BugIDs: 6376296
* Avoidance: Patch, Upgrade
* State: Resolved
* Date Released: 15-Aug-2007
* Date Closed: 15-Aug-2007
* Date Modified:1. Impact
A vulnerability in the font parsing code in the Java Runtime Environment may allow an untrusted applet to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet.
Tags: Java Vulnerability, JRE Vulnerability, Font Parsing Vulnerability
