VULHUB ™

A vulnerability has been discovered in the Java! JustInTime compiled used by Netscape Communicator, related to the generation of Intel instructions from specially constructed Java bytecode. If a malicous applet is compiled by the vulnerable compiler, it may be possible to redirect program flow to point to attacker-controlled memory. Successful execution of attacker-supplied instructions may result in arbitrary system commands being executed outside of the Java sandbox, with privileges of the JVM process.

A vulnerability has been discovered in the Java! JustInTime compiled used by Netscape Communicator, related to the generation of Intel instructions from specially constructed Java bytecode. If a malicous applet is compiled by the vulnerable compiler, it may be possible to redirect program flow to point to attacker-controlled memory. Successful execution of attacker-supplied instructions may result in arbitrary system commands being executed outside of the Java sandbox, with privileges of the JVM process.