JAVA DEVELOPMENT KIT 5.0 UPDATE 22 CODE
Stack-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier JDK and JRE 5.0 Update 16 and earlier and SDK and JRE 1.4.2_18 and earlier allows locally-launched and possibly remote untrusted Java applications to execute arbitrary code via a JAR file with a long Main-Class manifest entry. The "Java Update" feature for Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier JDK and JRE 5.0 Update 16 and earlier and SDK and JRE 1.4.2_18 and earlier does not verify the signature of the JRE that is downloaded, which allows remote attackers to execute arbitrary code via DNS man-in-the-middle attacks. Heap-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier JDK and JRE 5.0 Update 16 and earlier and SDK and JRE 1.4.2_18 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file. Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier might allow remote attackers to execute arbitrary code via a crafted GIF file that triggers memory corruption during display of the splash screen, possibly related to splashscreen.dll. The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to properties by (1) untrusted applets and (2) Java Web Start applications, which allows context-dependent attackers to obtain sensitive information by reading these properties. The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors. The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted (1) applets and (2) Java Web Start applications, which allows remote attackers to hijack web sessions via unspecified vectors.
The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unspecified vectors, related to a declaration that lacks the final keyword. Integer overflow in the unpack200 utility in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to a heap-based buffer overflow during decompression. If you want to see a complete summary for this CPE, please contact us. However, you can access them via our archives.This CPE have more than 25 Relations. These releases and products have completed the Oracle "end-of-life" (EOL) process and are no longer supported under standard support contracts. Oracle provides some older product and technology releases as a courtesy to developers for problem resolution. If you're not clear on the difference between J2SE and Java SE 6, please read the Naming and Versioning article. Please see the System Configurations document for information on supported systems.
New (but compatible) default Java look and feel.New language updates: Metadata, Generics, Enumerated types, Autoboxing of primitive types.The development of J2SE 5.0 was led by Sun and progressed following the Java Community Process (JCP) to include input from a variety of constituents. J2SE 5.0 Update Now Available! The Release Notes summarize the changes made in this and previous updates. J2SE 5.0 is a significant release including many new features and updates while preserving compatibility and stability.
JAVA DEVELOPMENT KIT 5.0 UPDATE 22 PORTABLE
Java Platform, Standard Edition (Java SE) software is the premier platform for rapidly developing and deploying secure, portable applications that run on server and desktop systems spanning most operating systems. Customers are encouraged to migrate today. Important Notice! Java SE 6 represents the latest release of the Java Platform, Standard Edition.