jdk/jre -- Security Vulnerability With Java Plugin

ID AC619D06-3EF8-11D9-8741-C942C075AA41
Type freebsd
Reporter FreeBSD
Modified 2005-04-27T00:00:00


The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code.