Sun Microsystems, Inc. Information for VU#886582

Java Deployment Toolkit insufficient argument validation



Vendor Statement

Oracle has released the following Security Alert:
which provides more details about the fixes for these issues.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



This issue is addressed in Java 1.6.0_20. Please see the release notes for more details. This update provides new versions of the Java Deployment Toolkit ActiveX control and plug-in. The update also sets the kill bit for the vulnerable version of the ActiveX control.

If you have feedback, comments, or additional information about this vulnerability, please send us email.