06 June 2008, 11:34

Several holes in Java System Active Server Pages closed

Sun Microsystems has published an update to close six security holes in Java System Active Server Pages. According to Sun, these holes enable an attacker to run arbitrary code remotely on the server, access data, create arbitrary files, and circumvent security restrictions. The errors are present in all versions up to and including 4.0.2, and for all platforms. They are corrected in version 4.0.3.

Also on The H:

HP warns of critical holes in its server monitoring software
Microsoft plans to patch 34 holes
No end to cross site scripting holes
Several vulnerabilities in Mapbender map software
Opera fixes security holes
Microsoft update for IIS does not always install correctly

Channels

Services

Several holes in Java System Active Server Pages closed

Also on The H:

Content Security Policy halts XSS in its tracks

Skype's ominous link checking: Facts and speculation

Password protection for everyone

Two clicks for more privacy

What's new in SUSE Linux Enterprise 11 SP3

What's new in Fedora 19

What's new in Linux 3.10

Free Software post-PRISM

Kernel Log: Coming in 3.10 (Part 4) - Drivers

The trouble with "Business Source"

Kernel Log: Coming in 3.10 (Part 3) - Infrastructure

Whatever happened to Google?

Java EE 7 at a glance

Continuous database migration with Liquibase and Flyway

Unit testing with Node.js

Ruby 2.0 - the 20th birthday present

Linux Mint 15: A better Ubuntu for the desktop

What's new in Linux 3.9

Replacing Google Reader

Attacking TrueCrypt

The H

The H Open

The H Security

The H Developer

The H Internet Toolkit