On Fri, 26 Nov 2004 23:58:55 -0500, Phillip Rhodes <[EMAIL PROTECTED]> wrote:
> Richard O. Hammer wrote:
>
> > This article <http://www.newscientist.com/news/news.jsp?id=ns99996724>
> > talks about a bug in Java -- something about applets, the plugin, and
> > the sandbox. But it never says what the bug is, and it is so vague that
> > I have doubts about its validity. Does anybody have any more specifics?
>
> There's some info here:
>
> <http://developers.slashdot.org/article.pl?sid=04/11/24/1323228&tid=172&tid=108&tid=218>
>
> I haven't read all the linked articles myself, so I don't know how much
> (if any) *more* info there is, compared to the New Scientist
> article. But from what I could glean from the discussion, it appears
> that this is a real bug, and that Sun have already fixed it and released
> an update for it.
>
> TTYL,
>
> Phil

Slashdot links to the Sun problem report:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1
which in turn points to a brief description at
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1029
which explains, "The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code."

That page links to a more detailed description at
http://www.idefense.com/application/poi/display?id=158
which gives a bit more information: "The problem specifically exists within the access controls of the Java to Javascript data exchange in web browsers using Sun's Java Plug-in technology. The vulnerability allows Javascript code to load an unsafe class which should not normally be possible from a Java Applet."

It allows the malicious code to execute any program on the browser's computer. It requires Java and JavaScript both be enabled. According to Sun, it affects "SDK and JRE 1.4.2_05 and earlier, all 1.4.1 and 1.4.0 releases, and 1.3.1_12 and earlier" on Solaris, Linux, and Windows. It has been fixed for SDK and JRE 1.4.2_06 and later and SDK and JRE 1.3.1_13 and later.

Jim

_______________________________________________
Juglist mailing list
[EMAIL PROTECTED]
http://trijug.org/mailman/listinfo/juglist_trijug.org
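
The affected and fixed ranges quoted from Sun in the message above, turned into a version triage for an inventory of installed JRE/SDK builds. This is an added example, not part of the original thread or of Sun's advisory. The host names and sample inventory are constructed, treating release lines older than 1.3.1 as affected is an assumption about what "1.3.1_12 and earlier" covers, and releases the message does not mention are reported as `not-listed`.

```python
import re

# First fixed update per release line, as quoted from Sun in the message.
# None means the message lists every release on that line as affected.
FIRST_FIXED = {
    (1, 4, 2): 6,     # 1.4.2_05 and earlier affected, 1.4.2_06 and later fixed
    (1, 4, 1): None,  # all 1.4.1 releases affected
    (1, 4, 0): None,  # all 1.4.0 releases affected
    (1, 3, 1): 13,    # 1.3.1_12 and earlier affected, 1.3.1_13 and later fixed
}

# Accepts "1.4.2", "1.4.2_05" and build-suffixed forms such as "1.4.2_05-b04".
_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:_(\d+))?(?:-[\w.]+)?$")


def parse(version):
    """Split a version string into (release line, update number)."""
    m = _VERSION.match(version.strip())
    if not m:
        raise ValueError("unrecognised Java version string: %r" % version)
    major, minor, micro, update = m.groups()
    return (int(major), int(minor), int(micro)), int(update or 0)


def classify(version):
    """Return 'affected', 'fixed' or 'not-listed' for CAN-2004-1029."""
    line, update = parse(version)
    if line in FIRST_FIXED:
        fixed = FIRST_FIXED[line]
        return "affected" if fixed is None or update < fixed else "fixed"
    if line < (1, 3, 1):
        # Assumption: "1.3.1_12 and earlier" also covers older release lines.
        return "affected"
    return "not-listed"  # the message says nothing about this release line


def triage(inventory):
    """Map each host to the status of its installed Java version."""
    return {host: classify(version) for host, version in inventory.items()}


# Constructed sample inventory (host names are hypothetical).
SAMPLE_INVENTORY = {
    "desk-01": "1.4.2_05",      # newer than the builds named in the CVE text
    "desk-02": "1.4.2_06-b03",
    "kiosk-07": "1.4.1_07",
    "build-03": "1.3.1_13",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(host, status)
```

Note that 1.4.2_05 is classified as affected using Sun's range even though the CVE text only names 1.4.2_01 and 1.4.2_04.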
