The Third Party Vulnerability Resolution Blog covers CVEs and patches in Systems product suite.

Sun Alert 103024 Vulnerability in the Java Runtime Environment Font Parsing Code may Allow an Untrusted Applet to Elevate Privileges

Guest Author
Product: Java 2 Platform, Standard Edition

A vulnerability in the font parsing code in the Java Runtime Environment may allow an untrusted applet to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet.

Sun acknowledges, with thanks, John Heasman of NGSSoftware, for bringing this issue to our attention.

Avoidance: Patch, Upgrade
State: Resolved
First released: 15-Aug-2007

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.