Oracle Java SE and Java for Business CVE-2010-3573 Same Origin Bypass Vulnerability

Oracle Java SE and Java for Business are prone to a same-origin-policy-bypass vulnerability.

The vulnerability can be exploited over multiple protocols.

Attackers can exploit this issue to access resources from another origin in the context of another domain. This can facilitate cross-site request forgery (CSRF) attacks.

This vulnerability affects the following supported versions:
6 Update 21, 5.0 Update 25

Update (October 20, 2010): Reports are currently disputing this issue. We will update this BID when more information is available.


 

Copyright 2010, SecurityFocus