HTTP: Sun JAVA Plug-in Sandbox Security Bypass

This signature detects attempts to exploit a known vulnerability against the Sun Java Virtual Machine. Attackers can attempt to bypass the Sandbox Security model and access normally restricted information or install and execute programs on the target computer.

Extended Description

A vulnerability is reported to exist in the access controls of the Java to JavaScript data exchange within web browsers that employ the Sun Java Plug-in. Reports indicate that it is possible for a malicious website that contains JavaScript code to exploit this vulnerability to load a dangerous Java class and to pass this class to an invoked applet. ** UPDATE: It is reported that the various methods of invoking Java applets can be abused to specify which version of a plug-in will be used to run an applet. If a vulnerable version is still installed on the computer, it may be possible for to specify that this version runs the applet instead of an updated version that is not prone to the vulnerability. Users affected by this vulnerability should remove earlier versions of the plug-in. This functionality could also be abused to prompt users to install vulnerable versions of the plug-in, so users should be wary of doing so. This general security weakness has been assigned an individual BID (11757). It is not known to what degree the Sun Java Runtime Environment Java Plug-in JavaScript Security Restriction Bypass Vulnerability is affected by this security weakness, though a number of other known vulnerabilities could be affected.

Affected Products

Symantec gateway_security_5400,Hp java_sdk/rte_for_hp-ux_pa-risc

References

BugTraq: 11726

CVE: CVE-2004-1029

Short Name

HTTP:STC:JAVA:SANDBOX-BYPASS

Severity

Major

Recommended

False

Recommended Action

None

HTTP: Sun JAVA Plug-in Sandbox Security Bypass

Extended Description

Affected Products

References

Found a potential security threat?