Bugtraq mailing list archives
Re: [Full-Disclosure] Re: Sun Java Plugin arbitrary package access vulnerability
From: "Exchange" <pauls () utdallas edu>
Date: Thu, 25 Nov 2004 12:23:20 -0600
----- Original Message ----- From: "Alla Bezroutchko" <alla () scanit be> To: <bugtraq () securityfocus com>; <full-disclosure () lists netsys com> Sent: Thursday, November 25, 2004 4:33 AM Subject: [Full-Disclosure] Re: Sun Java Plugin arbitrary package access vulnerability
As noted by rodmoses(at)yahoo(dot)com Opera remains vulnerable even after the upgrade of JVM to version 1.4.2_06. (tested on Windows XP SP2, Opera 7.54, J2SE 1.4.2_06).
This wasn't mentioned in the original disclosure announcement, but is it safe to assume that jre-1.5.0 would *not* be vulnerable? Or has it not been tested? Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer University of Texas at Dallas http://www.utdallas.edu/ AVIEN Founding Member
Current thread:
- Sun Java Plugin arbitrary package access vulnerability Jouko Pynnonen (Nov 23)
- Re: Sun Java Plugin arbitrary package access vulnerability Ken S (Nov 23)
- Re: Sun Java Plugin arbitrary package access vulnerability Alla Bezroutchko (Nov 25)
- Re: [Full-Disclosure] Re: Sun Java Plugin arbitrary package access vulnerability Exchange (Nov 25)
- Rumours about Opera Marc Schoenefeld (Nov 25)
- <Possible follow-ups>
- Re: Sun Java Plugin arbitrary package access vulnerability Ken S (Nov 25)
- Re: Sun Java Plugin arbitrary package access vulnerability Peter Greenwood (Nov 25)