« SLOTD: Configuring... | Main | Sun Alert 102987... »
28 Jun 2007 Sun Alert 102957 Security Vulnerability With Java Web Start May Allow Application to Escalate Privileges
posted by security in Alerts
Product: Java 2 Platform, Standard Edition

A vulnerability in Java Web Start may allow an untrusted application to grant itself permissions to overwrite any file that is writable by the user running the application. This would include the user's .java.policy file which would allow the application to invoke applets or Java Web Start applications that can execute arbitrary code with the permissions of the user running the untrusted application.

Sun acknowledges, with thanks, John Heasman of NGSSoftware Limited, for bringing this issue to our attention.

Avoidance: Upgrade
State: Resolved
First released: 28-Jun-2007
Sun Alert Link: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102957-1
Permalink | Comments [0]
Trackback URL: http://blogs.sun.com/security/entry/sun_alert_102957_security_vulnerability
Comments:

Post a Comment:

Name:
E-Mail:
URL:

Your Comment:

HTML Syntax: NOT allowed

« SLOTD: Configuring... | Main | Sun Alert 102987... »

Sun Certified Security Administrator

Download Solaris
Patches and Updates
Download Solaris Security Toolkit

« December 2009
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
  
       
Today


Company Info   |   Contact   |   Terms of Use   |   Privacy   |   Trademarks   |   Copyright 2008 Sun Microsystems, Inc.