TITLE:
Sun Java JRE Swing Library Applet Security Bypass
SECUNIA ADVISORY ID:
SA22910
VERIFY ADVISORY:
http://secunia.c
om/advisories/22910/
CRITICAL:
Moderately critical
IMPACT:
Security Bypass
WHERE:
From remote
SOFTWARE:
Sun Java JRE 1.5.x / 5.x
http://secunia.com/p
roduct/4228/
Sun Java JDK 1.5.x
http://secunia.com/p
roduct/4621/
DESCRIPTION:
A vulnerability has been reported in Sun Java JRE, which can
be
exploited by malicious people to bypass certain security
restrictions.
The vulnerability is caused due to an unspecified error in
the
Java
Runtime Environment Swing library and may allow a malicious,
untrusted applet to access data in other applets.
The vulnerability is reported in JDK and JRE 5.0 Update 7
and
earlier.
Note: SDK and JRE 1.4.2_xx and earlier, and 1.3.1_xx and
earlier are
not affected.
SOLUTION:
Update to JDK and JRE 5.0 Update 8 or later.
ORIGINAL ADVISORY:
http://sunsolve.sun.com/search/document.do?asse
tkey=1-26-102622-1
============= PCWorks Mailing List =================
Don't see your post? Check our posting guidelines &
make sure you've followed proper posting procedures,
http://pcworkers.com/r
ules.htm
Contact list owner <owner-pcworks imagicomm.com>
Unsubscribing and other changes: http://pcworkers.com
=====================================================
|