The Finjan SurfinGate Java applet analyzer does not properly detect the use of the Java Reflection API. As a result, this API may be used to call methods and classes that may otherwise be restricted. A malicious Java applet may use this technique to bypass the Finjan SurfinGate filter, so end users may not be protected from malicious Java applets. This issue exists when the "Load Other Java Classes" feature is enabled (which it is by default). Disabling this feature will mitigate the issue but may cause Java applets to be blocked too aggressively. Even with this feature enabled, loaded Java classes will be scanned, which may block some malicious behavior.
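One way a scanner could flag Reflection API use statically, shown as an added example (not Finjan's code and not part of the original advisory): it parses a class file's constant pool and reports method references into `java.lang.reflect` and the reflective methods of `java.lang.Class`. The function names, the watch list of methods and the constructed sample bytes are assumptions.

```python
import struct

# Constant-pool tag -> fixed payload size (JVM spec 4.4); Utf8 (tag 1) is variable-length.
SIZES = {3: 4, 4: 4, 5: 8, 6: 8, 7: 2, 8: 2, 9: 4, 10: 4, 11: 4, 12: 4, 15: 3, 16: 2, 17: 4, 18: 4, 19: 2, 20: 2}
# Assumed watch list: java.lang.Class methods that are entry points to reflection.
CLASS_METHODS = {"forName", "getMethod", "getDeclaredMethod", "getConstructor",
                 "getDeclaredConstructor", "getField", "getDeclaredField", "newInstance"}

def parse_constant_pool(data):
    magic, _minor, _major, count = struct.unpack_from(">IHHH", data, 0)
    if magic != 0xCAFEBABE:
        raise ValueError("not a Java class file")
    pool, off, i = {}, 10, 1
    while i < count:
        tag = data[off]
        if tag == 1:  # Utf8: u2 length followed by the bytes
            (n,) = struct.unpack_from(">H", data, off + 1)
            pool[i], off = (tag, data[off + 3:off + 3 + n].decode("utf-8", "replace")), off + 3 + n
        elif tag in SIZES:
            pool[i], off = (tag, data[off + 1:off + 1 + SIZES[tag]]), off + 1 + SIZES[tag]
        else:
            raise ValueError(f"unknown constant-pool tag {tag}")
        i += 2 if tag in (5, 6) else 1  # long/double take two slots
    return pool

def reflective_calls(data):  # sorted "class.method" names of reflective method references
    pool = parse_constant_pool(data)
    u2 = lambda b, o: struct.unpack_from(">H", b, o)[0]
    hits = set()
    for tag, body in pool.values():
        if tag in (10, 11):  # Methodref / InterfaceMethodref
            cls = pool[u2(pool[u2(body, 0)][1], 0)][1]   # Class -> Utf8 name
            name = pool[u2(pool[u2(body, 2)][1], 0)][1]  # NameAndType -> Utf8 name
            if cls.startswith("java/lang/reflect/") or (
                    cls == "java/lang/Class" and name in CLASS_METHODS):
                hits.add(f"{cls}.{name}")
    return sorted(hits)

def utf8_entry(s):
    return struct.pack(">BH", 1, len(s)) + s.encode()

def method_entries(cls, name, desc, base):  # Utf8, Class, Utf8, Utf8, NameAndType, Methodref
    return (utf8_entry(cls) + struct.pack(">BH", 7, base) + utf8_entry(name) + utf8_entry(desc)
            + struct.pack(">BHH", 12, base + 2, base + 3) + struct.pack(">BHH", 10, base + 1, base + 4))

# Constructed sample: class-file header plus constant pool only (not a complete class).
SAMPLE = (struct.pack(">IHHH", 0xCAFEBABE, 0, 45, 19)
          + method_entries("java/lang/Class", "forName", "(Ljava/lang/String;)Ljava/lang/Class;", 1)
          + method_entries("java/lang/reflect/Method", "invoke", "(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;", 7)
          + method_entries("java/lang/Object", "toString", "()Ljava/lang/String;", 13))
```

A hit shows only that the class can make reflective calls; the class or method it resolves at run time is passed as a string and does not appear as a constant-pool class reference, so a policy would treat any hit as grounds for blocking or closer inspection.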