Bugtraq mailing list archives
Re: Sun Security Bulletin #00208
From: Avery Buffington <avery () fundsxpress com>
Date: Wed, 24 Oct 2001 12:33:43 -0500
If I'm reading the advisory correctly this appears to only effect a sun box using the VM in a "workstation" type environment where a rogue applet could grab the contents (if any) from the clipboard, correct? If the VM is not being used in conjunction with a browser and/or window manager there is little to no harm in this bug, right?? -avery Jay Sekora wrote:
From the Sun Security Bulletin: 2. Affected Releases The following releases are affected:[...]Solaris OE Production Releases SDK and JRE 1.3.0_02 or earlier SDK and JRE 1.2.2_07 or earlier SDK and JRE 1.2.1 SDK and JRE 1.2The version of the JDK that is shipped with Solaris 8 4/01 is (according to "/bin/java -version") "build Solaris_JDK_1.2.2_07a". Note trailing "a". Does anybody know for certain whether that counts as "SDK and JRE 1.2.2_07 or earlier" for purposes of this discussion? (We do lots of Java coursework here, and I'd prefer not to upgrade under people while school is in session if it can safely be avoided.) Sincerely, Jay Sekora for <systems () ccs neu edu>
-- **************************** Avery Buffington Portal System Administrator FundsXpress Financial Network avery () fundsxpress com **************************** "Let's call it an accidental feature." --Larry Wall
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Current thread:
- Re: Sun Security Bulletin #00208 Jay Sekora (Oct 23)
- Re: Sun Security Bulletin #00208 Stanley G. Bubrouski (Oct 24)
- Re: Sun Security Bulletin #00208 Avery Buffington (Oct 24)
- <Possible follow-ups>
- Re: Sun Security Bulletin #00208 Stanley G. Bubrouski (Oct 24)