Sun and Blackdown Java: Applet privilege escalation

🗓️ 29 Nov 2004 00:00:00Reported by Gentoo FoundationType

gentoo

gentoo🔗 security.gentoo.org👁 36 Views

Java applet vulnerability allows remote attackers to bypass security and execute commands. Upgrade now.

Reporter	Title	Published	Views	Family All 24
FreeBSD	jdk/jre -- Security Vulnerability With Java Plugin	24 Nov 200400:00	–	freebsd
Check Point Advisories	Sun Java Plug-in Sandbox Security Bypass (CVE-2004-1029)	30 Nov 200900:00	–	checkpoint_advisories
CVE	CVE-2004-1029	24 Nov 200405:00	–	cve
Cvelist	CVE-2004-1029	24 Nov 200405:00	–	cvelist
Tenable Nessus	FreeBSD : jdk/jre -- Security Vulnerability With Java Plugin (81)	30 Nov 200400:00	–	nessus
Tenable Nessus	FreeBSD : jdk/jre -- Security Vulnerability With Java Plugin (ac619d06-3ef8-11d9-8741-c942c075aa41)	23 Apr 200900:00	–	nessus
Tenable Nessus	GLSA-200411-38 : Sun and Blackdown Java: Applet privilege escalation	30 Nov 200400:00	–	nessus
Tenable Nessus	Sun Java JRE Plug-in Capability Arbitrary Package Access	22 Jan 200500:00	–	nessus
Tenable Nessus	Sun Java JRE Plug-in Capability Arbitrary Package Access (Unix)	22 Feb 201300:00	–	nessus
Tenable Nessus	Mac OS X Java JRE Plug-in Capability Arbitrary Package Access (Security Update 2005-002)	22 Feb 200500:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Gentoo	any	x86	dev-java/sun-jdk	1.4.2.06	UNKNOWN
Gentoo	any	amd64	dev-java/sun-jdk	1.4.2.06	UNKNOWN
Gentoo	any	x86	dev-java/sun-jre-bin	1.4.2.06	UNKNOWN
Gentoo	any	amd64	dev-java/sun-jre-bin	1.4.2.06	UNKNOWN
Gentoo	any	x86	dev-java/blackdown-jdk	1.4.2.01	UNKNOWN
Gentoo	any	amd64	dev-java/blackdown-jdk	1.4.2.01	UNKNOWN
Gentoo	any	x86	dev-java/blackdown-jre	1.4.2.01	UNKNOWN
Gentoo	any	amd64	dev-java/blackdown-jre	1.4.2.01	UNKNOWN

31 May 2006 00:00Current

3.2Low risk

Vulners AI Score3.2

CVSS 29.3

EPSS0.37032

java applet vulnerability remote attacker security restrictions upgrade versions workaround disable