AOL Corporate Communications Information for VU#32231
Netscape Java Security Manager fails to prevent URLConnections through netscape.net.URLConnection Class
- Vendor Information Help Date Notified:
- Statement Date:
- Date Updated: 09 Nov 2000
Netscape takes all security issues very seriously, and we are working to quickly evaluate and address this concern. If the reports are accurate, we plan to make a patch available, but in the interim, users can protect themselves by simply turning off Java.
Users can also visit http://www.netscape.com/security to get the mostup to date information on a patch, and its availability.
The vendor has not provided us with any further information regarding this vulnerability.
Systems running Netscape Communicator version 4.04 through 4.74 with Java enabled. Netscape 6 is unaffected by this problem.
If you have feedback, comments, or additional information about this vulnerability, please send us email.