Note: This is an archival copy of Security Sun Alert 201175 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000888.1.
Date of Resolved Release
A second vulnerability may allow an untrusted applet to inappropriately interfere with another applet in the same web page which may include causing it to incorrectly load non-code resources such as files and web pages.
Sun acknowledges, with thanks, Fujitsu, for bringing these issues to our attention.
The first issue can occur in the following releases:
The second issue can occur in the following releases:
Note: JDK and JRE 5.0 are not affected by these vulnerabilities.
To determine the version of Java on a system, the following command can be run:
% java -fullversion java full version "1.4.1_06-b01"
There are no reliable symptoms that would indicate the described issues have been exploited.
The first issue is addressed in the following releases:
The second issue is addressed in the following releases:
J2SE releases are available for download at http://java.sun.com/j2se/, at the following links:
Note: It is recommended that affected versions be removed from your system. For more information, please see the installation notes on the respective java.sun.com download pages.
Java 2 Platform, Standard Edition 1.4.2
This solution has no attachment