• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Virtual Machine Exposure Of XML Supported Methods Vulnerability

The reported vulnerability involves a Java class that provides support for use of XML methods by Java classes. This class should only allow a certain trusted set of applets to access these methods. Due to a flaw in the design of this class, these XML methods are exposed to any application and could allow for execution of arbitrary code in the security context of the current user.

This vulnerability may be related to one of the Virtual Machine issues reported in Bugtraq ID 5670, however it is not clear at this time.