VULHUB ™

A vulnerability has been reported in Java implementations that may potentially allow Java applets from two different domains to violate the sandbox security model and share read/write access to data areas. This violates the principle of isolation that should be enforced by Java and it is possible for unsigned applets to gain unauthorized access to data used by signed applets. This issue was reported for Java Plug-in 1.4.2_01 on Microsoft Windows platforms, though it is believed that other platforms are similarly affected. It is not known if other versions or Java implementations are also affected.

A vulnerability has been reported in Java implementations that may potentially allow Java applets from two different domains to violate the sandbox security model and share read/write access to data areas. This violates the principle of isolation that should be enforced by Java and it is possible for unsigned applets to gain unauthorized access to data used by signed applets. This issue was reported for Java Plug-in 1.4.2_01 on Microsoft Windows platforms, though it is believed that other platforms are similarly affected. It is not known if other versions or Java implementations are also affected.