There is a vulnerability in the Sun Java Plug-in that could allow a malicious Java applet to bypass restrictions for untrusted applets.
The Java Plug-in is part of the Java 2 Runtime Environment (JRE) and establishes a framework for displaying Java applets within a web browser. There is a vulnerability in the Java Plug-in security framework that could allow a malicious applet to bypass restrictions for accessing private Java packages.
By convincing a victim to download and run a malicious Java applet, an intruder could read, write, and modify files on the system with privileges of the victim.
This vulnerability was reported by Jouko Pynnonen.
This document was written by Damon Morda.
|Date First Published:||2004-11-23|
|Date Last Updated:||2004-11-23 21:47 UTC|