Multiple vulnerabilities affect the Java Plug-in in Java SE Development
Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier,
6 Update 12 and earlier, 1.4.2_19 and earlier as well as 1.3.1_24 and
- A flaw in deserializing applets may allow untrusted applets to
escalate privileges and grant itself permissions to read, write and
execute local files and applications accessible to the user.
localhost to connect to any port on the system. This can be
leveraged with XSS vulnerabilities to access other applications on
- The Java Plug-in allows a trusted applet to be launched on an
earlier version of the Java Runtime Environment. This could allow
a downloaded applet to exploit vulnerabilities previously patched.
- The Java Plug-in incorrectly parses crossdomain.xml, allowing an
untrusted applet to connect to any site that provides a
crossdomain.xml file instead of the sites that allow the domain the
applet is running on.
- The Java Plug-in may allow a signed applet to obscure the
contents of the security dialog and therefore trick the user into
trusting the applet.