Oracle · Java For Business · CVE-2010-3563
**Name of the Vulnerable Software and Affected Versions**
Oracle Java SE and Java for Business 6 Update 21
**Description**
The vulnerability allows remote attackers to affect the confidentiality, integrity, and availability of the system via unknown vectors. It is reportedly related to how Web Start retrieves security policies, involving `BasicServiceImpl` and potentially forged policies that bypass sandbox restrictions.
**Recommendations**
For Oracle Java SE and Java for Business 6 Update 21, to prevent potential remote code execution, consider disabling `BasicServiceImpl` until a patch is available. Restrict access to Web Start to minimize the risk of exploitation. Avoid using forged policies that could bypass sandbox restrictions until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.