Train
PDA

توجه ! این یک نسخه آرشیو شده میباشد و در این حالت شما عکسی را مشاهده نمیکنید برای مشاهده کامل متن و عکسها بر روی لینک مقابل کلیک کنید : HP-UX Java Classloader Applet Privilege Escalation Vulnerability

NI3
11-08-2003, 10:49 AM
TITLE:
HP-UX Java Classloader Applet Privilege Escalation Vulnerability

SECUNIA ADVISORY ID:
SA10160

VERIFY ADVISORY:
[Only registered and activated users can see links]

CRITICAL:
Moderately critical

IMPACT:
Security Bypass

WHERE:
From remote

OPERATING SYSTEM:
HP-UX 11.x

DESCRIPTION:
HP has confirmed a vulnerability in HP-UX, which can be exploited by
malicious, untrusted applets to escalate their privileges on a
vulnerable system.

For more information:
SA10056

The vulnerability affects any HP-UX system (B.11.00, B.11.11,
B.11.22, B.11.23) running one of the following supported versions of
Java:
* Java 1.2.X (prior to 1.2.1.16)
* Java 1.3.X (prior to 1.3.1.11)
* Java 1.4.1.X (prior to 1.4.1.04)

SOLUTION:
Update to version 1.4.1.04, 1.3.1.11, or 1.2.1.16.
[Only registered and activated users can see links]

NOTE: Java version 1.4.2 is not affected.

ORIGINAL ADVISORY:
SSRT3659 Java VM Classloader (J2SE):
[Only registered and activated users can see links]

OTHER REFERENCES:
SA10056:
[Only registered and activated users can see links]

----------------------------------------------------------------------