Sun Java Web Start System Property Tags Remote Unauthorized Access Vulnerability

Sun Java Web Start System Property Tags Remote Unauthorized Access Vulnerability

A remote unauthorized-access vulnerability affects Java Web Start because the application fails to properly validate user-supplied input before considering it trusted.

An attacker may leverage this issue to gain unauthorized read/write access to affected computers. Other attacks may also be possible. Note that unauthorized access granted in this way will be with the privileges of the unsuspecting user that visits a malicious website.

Reports from Harry Johnston indicate the OraClient 10g component of Oracle Database Server 10g incorporates a vulnerable version of the Java Runtime Environment and is therefore vulnerable to this issue.