• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft JVM Cross-Domain Applet Unauthorized Communication Vulnerability

It has been reported that applets running in the Microsoft JVM share a common data structure that can be both written to and read from by any applet, regardless of domain association. This is in violation of the above security policy.

It should be noted that the Java Runtime Environment (JRE) and Software Development Kit (SDK) version 1.4.2_04 and earlier are not vulnerabe to this issue.