Several vulnerabilities have been reported for Microsoft Java Virtual Machine. The first vulnerability may allow a malicious Java applet to access COM objects. A malicious Java applet may be able to access COM objects that allow control of the system. By exploiting this vulnerability an attacker would be able to take complete control over a compromised machine. The second vulnerability may allow an attacker to misrepresent the location of a malicious Java applet. Through the use of an APPLET HTML tag, an attacker can specify a false value for the 'CODEBASE' parameter. An attacker can exploit this vulnerability to load a malicious applet from a remote site and trick the Virtual Machine into thinking that it was executed from a trusted location. This will allow an attacker to obtain access to potentially sensitive files on a vulnerable system. The third vulnerability may allow an attacker to construct a malicious URL that would load a Java applet from an attacker's site but...
Several vulnerabilities have been reported for Microsoft Java Virtual Machine. The first vulnerability may allow a malicious Java applet to access COM objects. A malicious Java applet may be able to access COM objects that allow control of the system. By exploiting this vulnerability an attacker would be able to take complete control over a compromised machine. The second vulnerability may allow an attacker to misrepresent the location of a malicious Java applet. Through the use of an APPLET HTML tag, an attacker can specify a false value for the 'CODEBASE' parameter. An attacker can exploit this vulnerability to load a malicious applet from a remote site and trick the Virtual Machine into thinking that it was executed from a trusted location. This will allow an attacker to obtain access to potentially sensitive files on a vulnerable system. The third vulnerability may allow an attacker to construct a malicious URL that would load a Java applet from an attacker's site but misrepresent it as belonging to another, trusted, site. The vulnerability is due to a flaw in the Virtual Machine's URL parser. An attacker can exploit this vulnerability to intercept any traffic that the user would send to the trusted site. This information may be used by an attacker to launch further attacks against a vulnerable system. The fourth vulnerability may allow an attacker to access databases used by the system as another user. This will allow an attacker to obtain read and write access to the database. This vulnerability is due to the bypassing of existing security checks of the JDBC APIs by malicious applets. The fifth vulnerability may allow an attacker to prevent Java applets on other pages from running. This vulnerability exists due to insufficient security checks in the Virtual Machine that allows Java applets to write to the Standard Security Manager. This vulnerability will allow an attacker to prevent Java applets from being run only in the current browser session; any new browser sessions will be unaffected. The sixth vulnerability may allow an attacker to obtain access to the user.dir property. Exploitation of this issue may allow an attacker to obtain information that may be used to launch further attacks against a vulnerable system. The final vulnerability may allow an attacker to cause the hosting application to fail when a user visits a malicious site. Restarting the hosting application will restore normal functionality. The vulnerability is due to the way the Virtual Machine initializes some Java objects. This will result in the corruption of memory of the hosting application and its subsequent failure. ** At the earliest possible convenience, this record will be divided up into new vulnerability records where it is appropriate. Existing records will also be updated to reflect the information contained in the Microsoft Security Bulletin.
