VULHUB ™

Java virtual machine implementations contain a vulnerability that may allow for malicious Java applets to escape the security sandbox. The vulnerability is due to a data casting error. It is possible for an applet constructed at the bytecode-level to perform an illegal casting operation. By doing so, the security sandbox intended to limit the operations that can be performed by an applet may be escaped. This can result in the unrestricted execution of system-level code with the privileges of the user running the virtual machine (possibly through a browser). It should be noted that this is a variant of a previously discovered vulnerability BID 740.

Java virtual machine implementations contain a vulnerability that may allow for malicious Java applets to escape the security sandbox. The vulnerability is due to a data casting error. It is possible for an applet constructed at the bytecode-level to perform an illegal casting operation. By doing so, the security sandbox intended to limit the operations that can be performed by an applet may be escaped. This can result in the unrestricted execution of system-level code with the privileges of the user running the virtual machine (possibly through a browser). It should be noted that this is a variant of a previously discovered vulnerability BID 740.