Vulnerability Note VU#931684
Sun Java Management Extensions privilege escalation vulnerability
A vulnerability in the Sun Java Management Extensions API may allow a remote attacker to execute arbitrary code.
According to Sun Microsystems:
Java Management Extensions (JMX) technology provides the tools for building distributed, Web-based, modular and dynamic solutions for managing and monitoring devices, applications, and service-driven networks.
An unspecified vulnerability in the JMX API may allow an untrusted Java applet to execute elevated privileges. For more information, please refer to Sun Alert 102017.
A remote attacker may be able to execute arbitrary code.
Do not access Java Applets from untrusted sources
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Sun Microsystems, Inc.||Affected||29 Nov 2005||30 Nov 2005|
CVSS Metrics (Learn More)
This vulnerability was reported by Sun Microsystems. Sun credits Adam Gowdiak with providing information regarding this issue.
This document was written by Jeff Gennari.
- CVE IDs: CVE-2005-3904
- Date Public: 28 Nov 2005
- Date First Published: 02 Dec 2005
- Date Last Updated: 12 Jan 2006
- Severity Metric: 9.00
- Document Revision: 33
If you have feedback, comments, or additional information about this vulnerability, please send us email.