• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Java Virtual Machine Java Object Instantiation Denial Of Service Vulnerability

A vulnerability in the Microsoft JVM may allow an attacker to cause the hosting application to fail when a user visits a malicious site. Restarting the hosting application will restore normal functionality. The vulnerability is due to the way the Virtual Machine initializes some Java objects. An attacker can exploit this vulnerability by creating a Java applet that will created an incorrectly initialized Java object. This will result in the corruption of memory of the hosting application and its subsequent failure.

This vulnerability was originally described in BID 6365. It is now being assigned its own BugTraq ID.