Microsoft Java Virtual Machine Bytecode Verifier Vulnerability

The Microsoft Java virtual machine implementation contains a vulnerability that may allow for malicious Java applets to escape the security sandbox.

An applet constructed at the bytecode-level may be able to perform some illegal operations. If these operations are performed, it may be possible to escape the security constraints placed on the applet by the JVM.

Code execution with the privileges of the victim user may be possible.


 

Privacy Statement
Copyright 2010, SecurityFocus