Vulnerability Note VU#657625
Microsoft Virtual Machine incorrectly parses the domain portion of URLs containing a colon
Some versions of the Microsoft virtual machine (Microsoft VM) contain a flaw that could allow untrusted Java applets from an attacker's site to be run instead of the trusted applet from the intended site.
The Microsoft virtual machine (Microsoft VM) enables Java programs to run on Windows platforms. The Microsoft VM is included in most versions of Windows and Internet Explorer.
The Microsoft VM contains a flaw that incorrectly parses URLs if they contain a colon used to indicate the port number. The vulnerability results because it's possible to create a URL that will cause the Microsoft VM to incorrectly determine the domain from which a Java applet was loaded, and conclude that it came from one web site when in fact it came from another. Specifically, if a URL is crafted in a particular format containing references to two different web sites, the VM will incorrectly process it and load a Java applet from an untrusted site while running it in the trusted site's domain.
Because the malicious applet would be located in the context of the legitimate site's domain, it could potentially access any cookies that the legitimate site had placed on the victim user's system. Additionally, any information the malicious applet solicited from the user could be relayed back to the attacker's site instead of the intended site.
Apply a patch from the vendor
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Microsoft Corporation||Affected||26 Nov 2002||18 Dec 2002|
CVSS Metrics (Learn More)
Thanks to Jouko Pynnonen for reporting this vulnerability.
This document was written by Chad R Dougherty.
- CVE IDs: CAN-2002-1286
- Date Public: 12 Nov 2002
- Date First Published: 21 Jan 2003
- Date Last Updated: 21 Jan 2003
- Severity Metric: 7.36
- Document Revision: 13
If you have feedback, comments, or additional information about this vulnerability, please send us email.