Executive Summary

TitleSun Alert 200356 A Vulnerability in JRE May Allow an Untrusted Applet to Escalate Privileges
NameSUN-200356First vendor Publication2010-01-25
VendorSunLast vendor Modification2010-01-25
Severity (Vendor) N/ARevisionN/A

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score7.5Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores


Product: Java Web Service

A vulnerability in the Java Runtime Environment (JRE) classloader can allow an untrusted applet to escalate privileges including reading and writing files and executing arbitrary code on client systems.

Sun acknowledges, with thanks, Last Stage of Delirium, for bringing this issue to our attention. For more information, see the LSD website at http://lsd-pl.net.

State: Resolved
First released: 22-Oct-2003

Original Source

Url : http://blogs.sun.com/security/entry/sun_alert_200356_a_vulnerability

CPE : Common Platform Enumeration


Open Source Vulnerability Database (OSVDB)

11751Java Virtual Machine sun.applet.AppletClassLoader loadClass Method Arbitrary ...