Multiple Vendors java.net.URLConnection Applet Direct Connection Vulnerability

The applet security model of Apple Mac OS Runtime for Java (MRJ) is ignored by the java.net.URLConnection class. As a result, an applet can open a direct connection to any host, whereas the sandbox should only allow it to connect to the host it was loaded from.

Hiromitsu Takagi <takagi@etl.go.jp> illustrates the dangers of an applet being able to reach any host in the following article:

http://java-house.etl.go.jp/ml/archive/j-h-b/033470.html

An operator of a malicious website could serve applets that retrieve sensitive information, in any data format, provided the file name and path are known.
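To make the sandbox rule concrete, the following is an added model (not MRJ's or the JDK's code) of the origin check that java.net.URLConnection should apply before an applet connects: the target host must equal the applet's codebase host. Both connection functions, the `fetch` callback and the URLs are constructed for the example; the check is simplified to a case-insensitive hostname comparison that ignores scheme and port.

```python
from urllib.parse import urlsplit


class AppletConnectionDenied(Exception):
    """Raised when an applet tries to reach a host other than its codebase host."""


def _host_of(url):
    """Return the lowercase hostname of an http(s) URL, or None for any
    other scheme (e.g. file://) or a URL without a host."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    return parts.hostname.lower()


def applet_may_connect(codebase, target):
    """Sandbox rule described in the advisory: an applet may only connect to
    the host it was loaded from. Scheme and port are ignored (assumption)."""
    origin = _host_of(codebase)
    if origin is None:
        raise ValueError(f"applet codebase must be an http(s) URL: {codebase!r}")
    return _host_of(target) == origin


def open_url_connection_unchecked(target, fetch):
    """Behaviour the advisory reports: the connection is made with no origin check."""
    return fetch(target)


def open_url_connection(codebase, target, fetch):
    """Model of a URLConnection that enforces the origin check before fetching.
    `fetch` is supplied by the caller so the example runs offline."""
    if not applet_may_connect(codebase, target):
        raise AppletConnectionDenied(
            f"{target!r} is not on the applet's origin host {_host_of(codebase)!r}")
    return fetch(target)


# Constructed sample: an applet served from a fictional site and a fetch stub.
CODEBASE = "http://applets.example.net/demo/"


def _fake_fetch(url):
    return f"<contents of {url}>"
```

With the unchecked variant, a third-party or file:// URL is fetched just like an origin URL; with the checked variant only the origin host succeeds.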

Whether a system is vulnerable depends on the combination of MRJ and browser versions it is running. To check whether your machine is affected, note the versions of the browser and MRJ you are running and visit the following URL:

http://java-house.etl.go.jp/ml/archive/j-h-b/033471.html

Copyright 2010, SecurityFocus