Multiple Vendor Java Virtual Machine Session Hijacking Vulnerability

Various Java virtual machine implementations contain a vulnerability that may allow for interception and hijacking of web requests.

The vulnerability is present when a client system is configured to use a HTTP proxy server. It is possible for malicious java code to redirect requests meant for the proxy server to an arbitrary host. This occurs transparently, without any client consent or knowledge.

This vulnerability can be exploited with a maliciously crafted Java applet, possibly embedded in a webpage. The victim must run the applet in a vulnerable virtual machine.

As a result a user's session information could be captured and be examined for sensitive information. Man-in-the-middle attacks may also be possible, as the response to any request may be crafted by the attacker.

It should be noted that all builds of Microsoft Virtual Machine prior to and including build 3802 are affected by this issue.


Privacy Statement
Copyright 2010, SecurityFocus