Microsoft JVM URI Parsing Vulnerability

Microsoft JVM URI Parsing Vulnerability

Details of a vulnerability in the Microsoft JVM have been published. The vulnerability is in the parsing of the location URI string and may result in an applet being retrieved from an attacker-specified location other than that of the document it is embedded in. This may result in a malicious applet having access to the DOM of the target location. The applet may retrieve cookie values or manipulate web content.