Executive Summary

Summary
TitleSun Alert 200356 A Vulnerability in JRE May Allow an Untrusted Applet to Escalate Privileges
Informations
NameSUN-200356First vendor Publication2010-01-25
VendorSunLast vendor Modification2010-01-25
Severity (Vendor) N/ARevisionN/A

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score7.5Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Product: Java Web Service

A vulnerability in the Java Runtime Environment (JRE) classloader can allow an untrusted applet to escalate privileges including reading and writing files and executing arbitrary code on client systems.

Sun acknowledges, with thanks, Last Stage of Delirium, for bringing this issue to our attention. For more information, see the LSD website at http://lsd-pl.net.

State: Resolved
First released: 22-Oct-2003

Original Source

Url : http://blogs.sun.com/security/entry/sun_alert_200356_a_vulnerability

CPE : Common Platform Enumeration

TypeDescriptionCount
Application146

Open Source Vulnerability Database (OSVDB)

idDescription
11751Java Virtual Machine sun.applet.AppletClassLoader loadClass Method Arbitrary ...