|
Note: This is an archival copy of Security Sun Alert 201010 as previously published on http://sunsolve.sun.com. Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000762.1. |
Category Security Release Phase Resolved 5020333, 4954066 Date of Resolved Release 02-AUG-2004 Impact The XSLT processor included with the Java Runtime Environment (JRE) may allow an untrusted applet to read data from another applet that is processed using the XSLT processor and may allow the untrusted applet to escalate privileges. Sun acknowledges, with thanks, Marc Schoenefeld for bringing these issues to our attention. Contributing Factors These issues can occur in the following releases: Windows Production Releases
Solaris Operating Environment Production Releases
Linux Production Releases
Note: SDK and JRE releases for Windows, Solaris and Linux prior to 1.4.0 are not affected by these issues. To determine the release of a Java installation, run the "java" command with the "-fullversion" option: $ java -fullversion java full version "1.4.2_04-b03" Symptoms There are no reliable symptoms that would show the described issues have been exploited. Workaround There is no workaround. Please see the "Resolution" section below. Resolution These issues are addressed in the following releases: Windows Production Release
Solaris Operating Environment Production Release
Linux Production Release
Note: SDK and JRE releases are available at: http://java.sun.com/j2se/ Modification History Product Java 2 Platform, Standard Edition 1.4.2 Attachments This solution has no attachment | |||||||||||||||
|
|