« Sun Alert 102997... | Main | Sun Alert 102978... »
10 Jul 2007 Sun Alert 102996 Security Vulnerability in Java Web Start URL Parsing Code May Allow Untrusted Applications to Elevate Privileges
posted by security in Alerts
Product: Java 2 Platform, Standard Edition

A buffer overflow vulnerability in the Java Web Start URL parsing code may allow an untrusted application to elevate its privileges. For example, an application may grant itself permissions to read and write local files or execute local applications with the privileges of the user running the Java Web Start application.

Sun acknowledges with thanks, Brett Moore of Security-Assessment.com for discovering and reporting this issue.

Sun also acknowledges eEye Digital Security for bringing this issue to our attention.

Avoidance: Patch, Upgrade
State: Resolved
First released: 10-Jul-2007
Sun Alert Link: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102996-1
Permalink | Comments [0]
Trackback URL: http://blogs.sun.com/security/entry/sun_alert_102996_security_vulnerability
Comments:

Post a Comment:

Name:
E-Mail:
URL:

Your Comment:

HTML Syntax: NOT allowed

« Sun Alert 102997... | Main | Sun Alert 102978... »

Sun Certified Security Administrator

Download Solaris
Patches and Updates
Download Solaris Security Toolkit

« December 2009
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
  
       
Today


Company Info   |   Contact   |   Terms of Use   |   Privacy   |   Trademarks   |   Copyright 2008 Sun Microsystems, Inc.