• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Sun Java Web Start Unspecified Privilege Escalation Vulnerability

Sun Java Web Start is prone to an unspecified privilege-escalation vulnerability.

This vulnerability allows remote, untrusted Java applications to gain elevated privileges. This allows them to read or write local files, or to execute arbitrary local applications. These actions are normally forbidden for untrusted applications running in the Java virtual machine.

Further details are not available at this time. This BID will be updated as more information is disclosed.

Reports from Harry Johnston indicate that the OraClient 10g component of Oracle Database Server 10g incorporates a vulnerable version of the Java Runtime Environment and is therefore vulnerable to this issue.