|
Home Forum Radio Memberlist Help Search Quick Links | |
| Forum Index » Internet » Security Alerts and vulnerabilities » Sun Java Plug-in vulnerability |
| Security Alerts and vulnerabilities Lets keep abreast on the latest threats by posting those findings here.. |
 |
 |
|
Thread Tools | Display Modes |  |
|
#1
11-29-2004, 04:28 PM
|
||||
|
||||
Jouko Pynnonen has reported a vulnerability in Sun Java Plug-in, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a design error, as JavaScript code can create and transfer objects to untrusted applets for some private and restricted classes used internally by the Java Virtual Machine (JVM). This can e.g. be exploited by a malicious web site to turn off the Java security manager and disable the sandbox restrictions for untrusted applets. The vulnerability has been reported in SDK / JRE version 1.4.2_05 and prior, all 1.4.1 and 1.4.0 versions, and version 1.3.1_12 and prior. Solution: The vulnerability has been fixed in the following versions: * SDK / JRE 1.4.2_06 and later. * SDK / JRE 1.3.1_13 and later. 
|
 Posted |
|
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| RSS-Microsoft Security Advisory (899588): Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege - 8/17/2005 | RSS Importer | Security Alerts and vulnerabilities | 0 | 08-17-2005 02:00 AM |
| RSS-Microsoft Security Advisory (899480): Vulnerability in TCP Could Allow Connection Reset - 5/18/2005 | RSS Importer | Security Alerts and vulnerabilities | 0 | 05-18-2005 02:00 AM |
| Sun Java System Server XSite Scripting | Mobo | Security Alerts and vulnerabilities | 0 | 03-23-2005 01:00 PM |
|
||
|
|
|
It appears you have not yet registered with our community
which limits what you can do & see. It's Free To register, please click here.
Linear Mode
