Advisories
Research
Forums
Create Profile
Our Commitment
Database
Search
Advisories by Product
Advisories by Vendor
Terminology
Report Vulnerability
Insecure Library Loading

Vulnerability Report: Oracle Java JRE 1.6.x / 6.x

This vulnerability report for Oracle Java JRE 1.6.x / 6.x contains a complete overview of all Secunia advisories affecting it. You can use this vulnerability report to ensure that you are aware of all vulnerabilities, both patched and unpatched, affecting this product allowing you to take the necessary precautions.

If you have information about a new or an existing vulnerability in Oracle Java JRE 1.6.x / 6.x then you are more than welcome to contact us.


Table of Contents

1. Product Summary Only

2. Secunia Advisory Statistics (All time)
2.1. Statistics for 2014
2.2. Statistics for 2013
2.3. Statistics for 2012
2.4. Statistics for 2011
2.5. Statistics for 2010
2.6. Statistics for 2009
2.7. Statistics for 2008
2.8. Statistics for 2007
2.9. Statistics for 2006
2.10. Statistics for 2005
2.11. Statistics for 2004
2.12. Statistics for 2003

3. List of Secunia Advisories (All time)
3.1. List for 2014
3.2. List for 2013
3.3. List for 2012
3.4. List for 2011
3.5. List for 2010
3.6. List for 2009
3.7. List for 2008
3.8. List for 2007
3.9. List for 2006
3.10. List for 2005
3.11. List for 2004
3.12. List for 2003

4. Send Feedback
 
Vendor, Links, and Unpatched Vulnerabilities

Vendor Sun Microsystems

Product Link View Here (Link to external site)

Affected By 35 Secunia advisories
577 Vulnerabilities

Monitor Product Receive alerts for this product

Unpatched 6% (2 of 35 Secunia advisories)

Most Critical Unpatched
The most severe unpatched Secunia advisory affecting Oracle Java JRE 1.6.x / 6.x, with all vendor patches applied, is rated Highly critical .




Secunia Advisory Statistics (2010)

Statistics based on Secunia advisories released in 2010.

PLEASE NOTE: The statistics provided should NOT be used to compare the overall security of products against one another. It is IMPORTANT to understand what the below comments mean when using the statistics, especially when using the statistics to compare the vulnerability aspects of different products.

Secunia advisories often cover multiple vulnerabilities. Consequently, the number of advisories issued for a product does not always reflect the number of security issues that have been disclosed. For instance, in 2006 Secunia issued more than 5,000 advisories covering more than 9,000 vulnerabilities. This is counted AFTER removing duplicates generated by Linux distributions, issues in beta software, and what Secunia considers non-issues and fake issues that our competitors and other security vendors often write about.

It should also be noted that some operating systems (e.g. certain Linux distributions) bundle together a large number of software packages, and are therefore affected by vulnerabilities, which do not affect other operating systems (e.g. Microsoft Windows) that don't bundle together a similar amount of software packages.

Additionally, the number of unpatched vulnerabilities for a product may be affected by the fact that certain products (product bundles) consist mostly or solely of third party software (such as Linux distributions). Secunia tracks the number of issues fixed by the product vendor and not the issues reported in the third party software; this affects the statistics looking at unpatched issues A direct and fair comparison of unpatched issues for e.g. Microsoft Windows and Linux distributions is therefore NOT possible using the aggregated Secunia statistics. Such a comparison can only be made by tracking the upstream third party software included in Linux distributions and combining this with Linux distributions' own patches before comparing this with the aggregated statistics for Microsoft Windows operating systems.

Factors such as vendor response times and ability to properly fix vulnerabilities should also be considered when comparing products. Writing 100% secure code is virtually impossible, hence the vendor's responsiveness, willingness, and ability to provide quality patches to all its customers in a fast a reliable way is at least as important as the sheer number of vulnerabilities when considering the security of a product.

Please read the text associated with each graph to interpret the graph correctly.


Month by Month
The "Month by Month" graph below shows the number of issued Secunia advisories affecting Oracle Java JRE 1.6.x / 6.x on a month-by-month basis.

This can be used to see how many Secunia advisories are being reported in this product.



Use This Graph On Your Website:
http://secunia.com/advisories/graph/?type=adv&prod=12878&period=2010


Solution Status
The "Solution Status" pie graph below shows the percentages of "Unpatched", "Vendor Patched", "Vendor Workaround" and "Partial Fixed" Secunia advisories affecting Oracle Java JRE 1.6.x / 6.x.

This can be used to get a quick overview of how many unresolved issues this product has.



Use This Graph On Your Website:
http://secunia.com/advisories/graph/?type=sol&period=2010&prod=12878


Criticality
The "Criticality" pie graph below shows the percentages of "Extremely", "Highly", "Moderately", "Less", and "Not" critical Secunia advisories affecting Oracle Java JRE 1.6.x / 6.x.

This can be used to get a quick overview of how severe the issued Secunia advisories that affect this product have been.



Use This Graph On Your Website:
http://secunia.com/advisories/graph/?type=cri&period=2010&prod=12878


Where
The "Where" pie graph below shows the percentages of "From remote", "From local network", and "Local system" Secunia advisories affecting Oracle Java JRE 1.6.x / 6.x.

This can be used to compare the attack vectors of the Secunia advisories that have been issued for this product.



Use This Graph On Your Website:
http://secunia.com/advisories/graph/?type=fro&period=2010&prod=12878


Impact
The "Impact" pie graph below shows the percentages of all Secunia Impact categories based on Secunia advisories affecting Oracle Java JRE 1.6.x / 6.x.

This can be used to see if this product seems to have a problem with specific types of vulnerabilities.



Use This Graph On Your Website:
http://secunia.com/advisories/graph/?type=imp&period=2010&prod=12878

Discuss this Product
A new thread in our forum is automatically created for each Product. Activate the thread by commenting/discussing below.
Subject: Oracle Java JRE 1.6.x / 6.x 
User Message
stanleycup80 RE: Sun Java JRE 1.6.x / 6.x
Member 21st Oct, 2010 20:28
Score: 11
Posts: 13
User Since: 17th Oct 2010
System Score: N/A
Location: N/A
Last edited on 21st Oct, 2010 20:30
For past week, Secunia PSI keeps indicating "Sun Java JRE 1.6x/6.x Category 4 threat. When I click solution, it updates my Java Platform to Java(TM) 6 Update 22 , which is the most recent version of Java, but when I run the Psi scan again after the solution is applied, the scanners indicates the same security threat. Can anyone help me?

I've already tried manually removing Java from my add/ remove list on my control panel, but the threat still exists. My Os is WindowsXP 2000.
Was this reply relevant?
+1
-1
Maurice Joyce RE: Sun Java JRE 1.6.x / 6.x
Handling Contributor 21st Oct, 2010 20:43
Score: 11559
Posts: 8,884
User Since: 4th Jan 2009
System Score: N/A
Location: UK
What is the path to the vulnerability?

FINDING A FILE PATH

ALL PSI VERSIONS EXCEPT VERSION 2 (BETA)


To locate the exact file that the Secunia PSI has detected, use or switch to the ADVANCED interface, then :

1 Click on the + sign of the programme to "expand' it.
2 Click on Technical Details in the Toolbox to see the installation path of the detected file. (Copy (CTRL+C) & paste (CTRL+V) the Installation Path of the file back to the Forum.

PSI VERSION 2 (BETA)

From the DASHBOARD page click on SCAN RESULTS.

1. This will list all your programmes with a + to the left of each one.
2. Click the + sign next to the item that U want help with.
3. This will reveal the path under DETECTED INSTANCES.
4. Highlight it then copy (CTRL+C) then paste (CTRL+V) that path back to the Forum.


Update 7 18:43 02/10/2010




--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+4
-0
stanleycup80 RE: Sun Java JRE 1.6.x / 6.x
Member 21st Oct, 2010 21:00
Score: 11
Posts: 13
User Since: 17th Oct 2010
System Score: N/A
Location: N/A
D:\Program Files\Java\jre6\bin\java.exe

This is the installation path
Was this reply relevant?
+1
-0
stanleycup80 RE: Sun Java JRE 1.6.x / 6.x
Member 21st Oct, 2010 21:06
Score: 11
Posts: 13
User Since: 17th Oct 2010
System Score: N/A
Location: N/A
Technical details about this installation of Sun Java JRE 1.6.x / 6.x, you can use this information to determine why the Secunia PSI detected the program and the security state of it.

Version Detected:
6.0.210.7

Installation Path:
D:\Program Files\Java\jre6\bin\java.exe

Last Inspection of Program:
21st Oct. 2010, 20:49 CET
Was this reply relevant?
+1
-0
Maurice Joyce RE: Sun Java JRE 1.6.x / 6.x
Handling Contributor 21st Oct, 2010 21:44
Score: 11559
Posts: 8,884
User Since: 4th Jan 2009
System Score: N/A
Location: UK
What do U use the D Drive for? I suspect it is a reinstallation partition from your PC maker? Or do U back up to that?

Depending on your reply I may advise creating an ignore - which version of PSI are U using?



--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+2
-0
stanleycup80 RE: Sun Java JRE 1.6.x / 6.x
Member 21st Oct, 2010 22:49
Score: 11
Posts: 13
User Since: 17th Oct 2010
System Score: N/A
Location: N/A
I had a problem with Java Script back in December of 09' . I received remote assistence from Windows, and when they re-installed the java software , for reasons unknown to me, they decided to re-install in me D drive , rather than in the C drive, where it originally existed.
Was this reply relevant?
+1
-0
stanleycup80 RE: Sun Java JRE 1.6.x / 6.x
Member 21st Oct, 2010 22:51
Score: 11
Posts: 13
User Since: 17th Oct 2010
System Score: N/A
Location: N/A
PSI v1.5.0.2
Was this reply relevant?
+1
-0
Maurice Joyce RE: Sun Java JRE 1.6.x / 6.x
Handling Contributor 21st Oct, 2010 22:54
Score: 11559
Posts: 8,884
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Very odd - as requested what does that drive do? Is it a partition? Backup or has it got an OPERATING SYSTEM on that U use.

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+2
-0
stanleycup80 RE: Sun Java JRE 1.6.x / 6.x
Member 21st Oct, 2010 23:00
Score: 11
Posts: 13
User Since: 17th Oct 2010
System Score: N/A
Location: N/A
I don't know the answer to that question.
Was this reply relevant?
+1
-0
Maurice Joyce RE: Sun Java JRE 1.6.x / 6.x
Handling Contributor 21st Oct, 2010 23:08
Score: 11559
Posts: 8,884
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Go to My Computer. Right click on the D Drive>select PROPERTIES. What size is the drive? 9 -12 GB?

Where do U activate your programmes from normally? I assume the C DRIVE?

Do U back up your documents/pictures/music to the D DRIVE?

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+3
-0
stanleycup80 RE: Sun Java JRE 1.6.x / 6.x
Member 21st Oct, 2010 23:21
Score: 11
Posts: 13
User Since: 17th Oct 2010
System Score: N/A
Location: N/A
4.07 GB ; And the D drive is a partition; When I opened drive it said it was a partition, and that files should not be removed, because they might need to be used 4 recovery; thats all I know
Was this reply relevant?
+1
-0
stanleycup80 RE: Sun Java JRE 1.6.x / 6.x
Member 21st Oct, 2010 23:22
Score: 11
Posts: 13
User Since: 17th Oct 2010
System Score: N/A
Location: N/A
I normally activate programs from the C -Drive
Was this reply relevant?
+1
-0
stanleycup80 RE: Sun Java JRE 1.6.x / 6.x
Member 21st Oct, 2010 23:26
Score: 11
Posts: 13
User Since: 17th Oct 2010
System Score: N/A
Location: N/A
Also, There is a website that I go to on a regular basis, and it uses the java format. For the past 2 weeks everytime I go to the website, it tells me there is a windows seccurity issue, and that it cant use one of the plug-ins , presumably Java , and that I should go to manage add-ons, and check security issues under internet options for windows 8 ie
Was this reply relevant?
+1
-0
Maurice Joyce RE: Sun Java JRE 1.6.x / 6.x
Handling Contributor 21st Oct, 2010 23:35
Score: 11559
Posts: 8,884
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Last edited on 21st Oct, 2010 23:39
OK - Any vulnerabilities showing in that drive are harmless & can be safely ignored.

The reason U cannot update it is the DEFAULT location for all updates is the C DRIVE.

U need to create an Ignore rule for the D DRIVE to prevent any further false alarms.

CREATING A GLOBAL IGNORE RULE - ALL PSI VERSIONS EXCEPT VERSION 2 (BETA)

1.Click on the SETTINGS tab>scroll to the bottom & click on CREATE IGNORE RULE

2.In the RULE NAME BOX insert the Drive detail - My Partition Drive for example.

3.In the RULE BOX type D:\

4.Click SAVE IGNORE RULE>CLOSE

5.Carry out a full PSI rescan & all should be in order.

All hard drives will continue to be scanned by default but the result from the drives ignored will not be published.


Update 5 16:45 02/09/2010

Edit: Once U have done that does a FULL PSI rescan give U the all clear?

U can test whether your JAVA is working on the C DRIVE - use this link

http://java.com/en/download/help/testvm.xml

Is it working?

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+5
-0
stanleycup80 RE: Sun Java JRE 1.6.x / 6.x
Member 21st Oct, 2010 23:56
Score: 11
Posts: 13
User Since: 17th Oct 2010
System Score: N/A
Location: N/A
If my Java program is set 4 automatic updates; will it still update even though my java is behind a partition? Also, are you a Secunia employee? And if not, where do I send your Christmas gift?

You Have the patience of a Saint,
Russ Wheeler
USA
Was this reply relevant?
+1
-0
Maurice Joyce RE: Sun Java JRE 1.6.x / 6.x
Handling Contributor 22nd Oct, 2010 00:19
Score: 11559
Posts: 8,884
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Russ,
The answer is no. Automatic updaters will only install to the default location of the C drive.

I am not an employee - not clever enough for that.

Have U now got JAVA working on the C drive?

When U did a full scan did U get a 100% secure report?

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+3
-0
stanleycup80 RE: Sun Java JRE 1.6.x / 6.x
Member 22nd Oct, 2010 01:27
Score: 11
Posts: 13
User Since: 17th Oct 2010
System Score: N/A
Location: N/A
Yes , It's working , and I got a 100% rating. I just got off the phone with a Microsoft security technician. He told me that because the problem was caused by 1 of their technicians putting my java on my D-Drive, if I was willing to invest about 1/2 hr , with remote assistance from them, that they would help me un-install it off the D- drive , and re-install it on my C-drive.
my Java program is set for automatic updates.
Is their any real advantage in re- locating this program back onto my C- drive, or should I quit while I'm ahead of the game?
Was this reply relevant?
+1
-0
Maurice Joyce RE: Sun Java JRE 1.6.x / 6.x
Handling Contributor 22nd Oct, 2010 01:40
Score: 11559
Posts: 8,884
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Last edited on 22nd Oct, 2010 01:43
I would leave the copy on the D drive.

To put a copy on the C drive go here:

http://www.java.com/en/download/ie_manual.jsp?loca...

It will auto install it to the C drive.

Once installed use this to test it is working correctly.

http://java.com/en/download/help/testvm.xml

U should then be OK.

Off to bed now - very late in UK. If U have total success could U please lock (ACCEPT) the thread which will prevent us both getting emails from "tag on" posts - the button to press is next to REPLY. If not leave a message & I will pick it up in the morning.



--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+6
-0
stanleycup80 RE: Sun Java JRE 1.6.x / 6.x
Member 23rd Oct, 2010 00:37
Score: 11
Posts: 13
User Since: 17th Oct 2010
System Score: N/A
Location: N/A
When I went to download the updated Java program using the link you supplied, it told me that a copy already existed, but didn't specify if that copy was on the c-drive or d-drive. I think I already have an updated copy of java on my c-drive , as well as the copy on my d-drive. I'm not sure ,when I use the link , what copy it is going to un install before it re installs the new copy.
can you help me determine if I have a copy of the updated java on my c-drive?
Was this reply relevant?
+1
-0
Maurice Joyce RE: Sun Java JRE 1.6.x / 6.x
Handling Contributor 23rd Oct, 2010 07:14
Score: 11559
Posts: 8,884
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Last edited on 23rd Oct, 2010 07:15
Firstly, is it showing in Control Panel>add/remove? There should be an entry JAVA(TM) 6 Update 22.

Is there an icon for JAVA (looks like a coffe cup) in Control Panel?

What happens when U press here:

http://java.com/en/download/help/testvm.xml



--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+4
-0
shaul54 RE: Sun Java JRE 1.6.x / 6.x
Member 24th Oct, 2010 17:31
Score: 1
Posts: 1
User Since: 24th May 2009
System Score: N/A
Location: N/A
I have the exact same problem/situation with Sun Java JRE 1.6.x / 6.x.

HELP! anybody?
Was this reply relevant?
+1
-0
Maurice Joyce RE: Sun Java JRE 1.6.x / 6.x
Handling Contributor 24th Oct, 2010 17:34
Score: 11559
Posts: 8,884
User Since: 4th Jan 2009
System Score: N/A
Location: UK
JAVA PROBLEMS
Can be used with Windows XP,Vista & Windows 7 - 32 & 64 Bit Systems.

Go to Control Panel>add/remove.

Uninstall ALL versions of JRE or JSE or JDK or JAVA(TM) EXCEPT for JAVA(TM) 6 Update 22.

Now do a full PSI rescan & all should be in order.

Windows does not require JAVA to be installed to work therefore if U make a error & uninstall the lot it does not matter.

U can download the latest version from here if U really require JAVA.

http://www.java.com/en/download/ie_manual.jsp?loca...

Original 00:05 21/10/2010



--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+4
-0
TiMow RE: Sun Java JRE 1.6.x / 6.x
Dedicated Contributor 24th Oct, 2010 18:21
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
By replying to relevant threads, will hopefully keep them on the first page, and relegate this overload of spam to the second page.
Apologies for unnecessary e-mail update.

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+1
-0
tomrobs RE: Sun Java JRE 1.6.x / 6.x
Member 24th Oct, 2010 22:41
Score: 1
Posts: 1
User Since: 24th Oct 2010
System Score: N/A
Location: N/A
Just want to thank Maurice Joyce for his absolutely correct advice on getting rid of those Java 1.5/1.6 apps.
I am new to the program and this forum, so I hope this thank you message to Maurice J. gets through.
Was this reply relevant?
+1
-0
Maurice Joyce RE: Sun Java JRE 1.6.x / 6.x
Handling Contributor 24th Oct, 2010 23:32
Score: 11559
Posts: 8,884
User Since: 4th Jan 2009
System Score: N/A
Location: UK
@Tomrobs

Pleased U are all fixed up now.

@Shaul54

How are U getting on? All fixed?

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+3
-0
tbenton RE: Sun Java JRE 1.6.x / 6.x
Member 5th Nov, 2010 12:32
Score: 3
Posts: 3
User Since: 22nd Oct 2010
System Score: N/A
Location: N/A
I have JRE 1.6x/6.x installed and J2SE runtime environment 5.0 Update 6 and thats all I have for Java. I never have any JAVA issues and just got PSI and it keeps telling me that my security threat is JRE 1.5x/5.x. When I try to update it says I already have that version but I have the newer version. I have re-scanned and get same thing. What can I do to have PSA recognize that I already have the latest version?

Tx
TerriB
Was this reply relevant?
+1
-0
Maurice Joyce RE: Sun Java JRE 1.6.x / 6.x
Handling Contributor 5th Nov, 2010 13:09
Score: 11559
Posts: 8,884
User Since: 4th Jan 2009
System Score: N/A
Location: UK
terriB

Just scroll up to my post above. U need to remove all old versions.

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+3
-0
tbenton RE: Sun Java JRE 1.6.x / 6.x
Member 5th Nov, 2010 14:25
Score: 3
Posts: 3
User Since: 22nd Oct 2010
System Score: N/A
Location: N/A
Maurice.

In my list of programs in control panel there are no other versions installed. The list only show the latest versions. Could they be hidden somewhere?

TerriB
Was this reply relevant?
+1
-0
Maurice Joyce RE: Sun Java JRE 1.6.x / 6.x
Handling Contributor 5th Nov, 2010 16:55
Score: 11559
Posts: 8,884
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Yes - on a patition,backup drive or the Recycle Bin (unlikely).

FINDING A FILE PATH

ALL PSI VERSIONS EXCEPT VERSION 2 (BETA)


To locate the exact file that the Secunia PSI has detected, use or switch to the ADVANCED interface, then :

1 Click on the + sign of the programme to "expand' it.
2 Click on Technical Details in the Toolbox to see the installation path of the detected file. (Copy (CTRL+C) & paste (CTRL+V) the Installation Path of the file back to the Forum.

PSI VERSION 2 (BETA)

From the DASHBOARD page click on SCAN RESULTS.

1. This will list all your programmes with a + to the left of each one.
2. Click the + sign next to the item that U want help with.
3. This will reveal the path under DETECTED INSTANCES.
4. Highlight it then copy (CTRL+C) then paste (CTRL+V) that path back to the Forum.

If the path is anything other than C U can safely ignore it using a Global Rule.

CREATING A GLOBAL IGNORE RULE - ALL PSI VERSIONS EXCEPT VERSION 2 (BETA)



1.Click on the SETTINGS tab>scroll to the bottom & click on CREATE IGNORE RULE

2.In the RULE NAME BOX insert the Drive detail - My Backup Drive for example.

3.In the RULE BOX type D:\ (or the drive letter U wish to ignore). If it is the i386 folder use this - C:\windows\i386

4.Click SAVE IGNORE RULE>CLOSE

5.Carry out a full PSI rescan & all should be in order.

All hard drives will continue to be scanned by default but the result from the drives ignored will not be published.


Update 5 16:45 02/09/2010




--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+4
-0
tbenton RE: Sun Java JRE 1.6.x / 6.x
Member 5th Nov, 2010 18:15
Score: 3
Posts: 3
User Since: 22nd Oct 2010
System Score: N/A
Location: N/A
Maurice,

While I was waiting for an update I started looking deeper for an old Java file. Searching found nothing but I found a folder in Java Program Files that with a previous version of the Java Runtime Environment so I deleted it and scanned again and VOILA...the JRE error is GONE. I had a bunch of new ones for Adobe Flash Player and took care of those and scanned again and good to go for now. I really appreciate your help and if JRE pops up again I know exactly where to get the instructions. I also cut/pasted them and filed in my email so I will have it on hand.

Thanks again

Terri
Was this reply relevant?
+1
-0
Maurice Joyce RE: Sun Java JRE 1.6.x / 6.x
Handling Contributor 5th Nov, 2010 18:21
Score: 11559
Posts: 8,884
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Terri,
Good news. Pleased U are all fixed up - have a nice weekend.

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+1
-0
ffmmusic RE: Sun Java JRE 1.6.x / 6.x
Member 23rd Nov, 2010 07:58
Score: 1
Posts: 1
User Since: 18th Oct 2010
System Score: N/A
Location: N/A
Thank you Maurice,
Removing earlier updates of Sun Java from add/remove programs worked great. I now have 100%.
Was this reply relevant?
+1
-0
ballbreaker666 RE: Sun Java JRE 1.6.x / 6.x
Member 17th Dec, 2010 01:27
Score: 2
Posts: 2
User Since: 8th Dec 2010
System Score: N/A
Location: US
I have also gotten this on my vulnerability report and when I click on the solution it redownloads the same sun java program which is as follows:

http://sdlc-esd.sun.com/ESD6/JSCDL/jdk/6u22-b04/jr...

The current installation path for java from the tech data is C:\Program Files (x86)\Java\jre1.6.0_07\bin\java.exe

Secunia is relatively new to me and I am very very technically challenged. I just try to follow directions and its just not going away when I follow the solution. Can you help please
Was this reply relevant?
+1
-0
TiMow RE: Sun Java JRE 1.6.x / 6.x
Dedicated Contributor 17th Dec, 2010 07:58
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Last edited on 17th Dec, 2010 09:56
OK bb666

Firstly, it is often better to create a new thread than to tag on the end of a long one that has lain dormant for nearly a month - never mind.

Secondly the last 2 numbers of the installation path you have given refer to the update version number - i.e. this is update "7" - which is old (currently update 23). With each update of Java, only the previous version (and not all old versions) is (are) removed. At some point in the past this one got missed (which is common).

Thirdly the Java download link, you've given appears to be faulty, but don't worry, as that applies to update 22 anyway.

Go to Control Panel and double click Java icon; then on Java control panel click on the 2nd tab "Update", and bottom right on "Update now" to initiate installation of update 23.

Once that is installed go to Add/Remove Programs (from Control Panel) and scroll down to Java. Here you should find "Java (TM) Update 7" - click to highlight, then on Remove. You should only have one listing for the current Java - "Java (TM) Update 23". If you have others (which may also be written as JRE, JSE or JDK), these too can be removed.

If after a short time the removal of the insecure Java hasn't been notified by PSI, you may need to re-boot and full re-scan PSI for changes to be recognised.

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+3
-0
kash1015 RE: Sun Java JRE 1.6.x / 6.x
Member 18th Dec, 2010 11:17
Score: 0
Posts: 1
User Since: 21st Aug 2009
System Score: N/A
Location: N/A
I have the same problem and am using Windows XT. I don't think this is a PC Problem - I think this is a Secunia issue.
Was this reply relevant?
+1
-1
Maurice Joyce RE: Sun Java JRE 1.6.x / 6.x
Handling Contributor 18th Dec, 2010 11:27
Score: 11559
Posts: 8,884
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Where is Secunia pointing to with the problem?
FINDING A FILE PATH

ALL PSI VERSIONS EXCEPT VERSION 2 (BETA)


To locate the exact file that the Secunia PSI has detected, use or switch to the ADVANCED interface, then :

1 Click on the + sign of the programme to "expand' it.
2 Click on Technical Details in the Toolbox to see the installation path of the detected file. (Copy (CTRL+C) & paste (CTRL+V)) the Installation Path of the file back to the Forum.

PSI VERSION 2 (BETA)

From the DASHBOARD page click on SCAN RESULTS.

1. This will list all your programmes with a + to the left of each one.
2. Click the + sign next to the item that U want help with.
3. This will reveal the path under DETECTED INSTANCES.
4. Highlight it then copy (CTRL+C) then paste (CTRL+V)) that path back to the Forum.


Update 7 18:43 02/10/2010




--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+4
-0
ballbreaker666 RE: Sun Java JRE 1.6.x / 6.x
Member 19th Dec, 2010 18:12
Score: 2
Posts: 2
User Since: 8th Dec 2010
System Score: N/A
Location: US
(unknown source)
OK bb666



Go to Control Panel and double click Java icon; then on Java control panel click on the 2nd tab "Update", and bottom right on "Update now" to initiate installation of update 23.
TiMow


Sorry, for some reason, when I click on Java icon it will only update to version 7 and I don't know how to get past this....
Was this reply relevant?
+1
-0
TiMow RE: Sun Java JRE 1.6.x / 6.x
Dedicated Contributor 19th Dec, 2010 19:41
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Remove Java u.7 from Add/Remove (as described in my post above).
Go to this link and click "Free Java Download" (red button)

http://www.java.com/en/

Re-boot and re-scan PSI

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+2
-0
rabbit5485 RE: Sun Java JRE 1.6.x / 6.x
Member 30th Mar, 2011 16:02
Score: 1
Posts: 1
User Since: 7th Dec 2009
System Score: N/A
Location: N/A
GREAT help... this worked PERFECTLY... THANKS from MN
Was this reply relevant?
+1
-0
ingber RE: Sun Java JRE 1.6.x / 6.x
Member 12th Nov, 2011 15:34
Score: 1
Posts: 14
User Since: 26th Nov 2008
System Score: N/A
Location: N/A
Last edited on 12th Nov, 2011 15:34
Secunia has not updated this in half a year? What about version 6.29?
Was this reply relevant?
+1
-0

tgthyu

RE: Sun Java JRE 1.6.x / 6.x
[+]
This reply has been deleted
philmck RE: Sun Java JRE 1.6.x / 6.x
Member 26th Jun, 2012 16:03
Score: 1
Posts: 1
User Since: 7th May 2009
System Score: N/A
Location: UK
Last edited on 26th Jun, 2012 16:03
The automatic update to 1.6.0.33 caused my apps (e.g. Five9) to stop working. The latest 1.6 version on the Oracle site is 1.6.0.32 - perhaps 1.6.0.33 was withdrawn?

--
Phil McKerracher
Was this reply relevant?
+1
-0
Maurice Joyce RE: Sun Java JRE 1.6.x / 6.x
Handling Contributor 26th Jun, 2012 17:35
Score: 11559
Posts: 8,884
User Since: 4th Jan 2009
System Score: N/A
Location: UK
JAVA 6 Update 33 is here on the Oracle site:

http://java.com/en/download/manual_v6.jsp

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+3
-0

Maurice Joyce

RE: Sun Java JRE 1.6.x / 6.x
[+]
This reply has been deleted
Thunder1963 RE: Sun Java JRE 1.6.x / 6.x
Member 28th Jun, 2012 11:46
Score: -1
Posts: 5
User Since: 24th Jan 2010
System Score: N/A
Location: US
Last edited on 28th Jun, 2012 11:55
JAVA 7 is the current version. JAVA 6 is obsolete now.

1.7.0.5 is the most current version out.

If your still running 1.6.x.x you need to delete it and update to the newest version out.

Was this reply relevant?
+1
-1
Maurice Joyce RE: Sun Java JRE 1.6.x / 6.x
Handling Contributor 28th Jun, 2012 13:14
Score: 11559
Posts: 8,884
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Where is the evidence to support this statement?

JAVA 7 is the current version. JAVA 6 is obsolete now.

Although ADVISABLE to update to the latest version JAVA 6 Update 33 remains supported according to the Oracle Support Site.


--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+3
-0
Thunder1963 RE: Sun Java JRE 1.6.x / 6.x
Member 29th Jun, 2012 10:20
Score: -1
Posts: 5
User Since: 24th Jan 2010
System Score: N/A
Location: US
Poor choice of wording on my part. However stating that, anytime a program is updated, as far as I am concerned, any prior version is obsolete in my book, whether still being supported or not.

Win XP is considered obsolete by many people, but, it's still supported.

The original poster indicated a problem with update 33 on Java 6. Since most programs update along with other updated programs, maybe that is the possible problem and the OP should update to the newest, latest version. I look at all angles.
Was this reply relevant?
+1
-1
Maurice Joyce RE: Sun Java JRE 1.6.x / 6.x
Handling Contributor 29th Jun, 2012 10:52
Score: 11559
Posts: 8,884
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Thank you. Your personal preferences are just that & are certainly not those of Secunia or many others.

Many believe that the latest is not necessarily the greatest:

https://secunia.com/blog/240/

PSI works on the vulnerability status of a programme. It is not interested in updates or upgrades that merely fix bugs or makes cosmetic changes.

In the case of Oracle JAVA members who have Version 6 installed will be given a link to the latest security fix within that version rather than try to force them to upgrade to Version 7. That standpoint remains until such time as the vendor declares it End of Life.

This scenario is very true of PSI.

PSI Versions 1,2 & 3 are secure & supported. Judging from current & past comments many users will continue to use or revert back to version 2 which by no stretch of the imagination can be called obsolete in comparison to the useability & features of version 3.


--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+3
-0
MaritimeRider RE: Sun Java JRE 1.6.x / 6.x
Member 2nd Jul, 2012 21:12
Score: 22
Posts: 174
User Since: 15th Mar 2009
System Score: 100%
Location: CA
Try Sun Java web site for updates. Your's is an older version.I had the same issue and this worked for me. Just remember to delete the older version.
Hope this helps
Was this reply relevant?
+2
-0
Thunder1963 RE: Sun Java JRE 1.6.x / 6.x
Member 2nd Jul, 2012 22:16
Score: -1
Posts: 5
User Since: 24th Jan 2010
System Score: N/A
Location: US
Last edited on 2nd Jul, 2012 22:17
Thats pretty much what I indicated in my responses above. Although JAVA 6 is still available, its not current.

I gave the most reasonable correction available to fix the matter, but instead I get attacked.

I will NO LONGER be supporting this forum when its being ran by a select few who think they know everything, when its clear they don't.

Good luck with any future issues you all may have...In which most are simply solveable by making sure your updated FULLY, and not just security updated.

I will no longer respond to any updates to this thread or any other threads.
Was this reply relevant?
+2
-2

Gustar_Terpstra

RE: Sun Java JRE 1.6.x / 6.x
[+]
This reply has been minimised due to a negative Relevancy Score.

OldWarrior632

RE: Sun Java JRE 1.6.x / 6.x
[+]
This reply has been minimised due to a negative Relevancy Score.

-

You must be logged in to post a comment.



 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability