Bugtraq mailing list archives

Re: Sun Java Plugin arbitrary package access vulnerability

From: Ken S <ken.securitylist () gmail com>
Date: Wed, 24 Nov 2004 23:00:30 -0600

After installing a new version of the JRE on two machines, IE and
Firefox both report the plug-in as 1.4.2_06.  For browsing to unknown
sites, it would appear that there is no need to uninstall the older
versions, unless there is a way for the javascript code to call a
lower version of the JRE.   Hopefully, that's not possible.

Current thread:

Sun Java Plugin arbitrary package access vulnerability Jouko Pynnonen (Nov 23)
- Re: Sun Java Plugin arbitrary package access vulnerability Ken S (Nov 23)
- Re: Sun Java Plugin arbitrary package access vulnerability Alla Bezroutchko (Nov 25)
  - Re: [Full-Disclosure] Re: Sun Java Plugin arbitrary package access vulnerability Exchange (Nov 25)
  - Rumours about Opera Marc Schoenefeld (Nov 25)
- <Possible follow-ups>
- Re: Sun Java Plugin arbitrary package access vulnerability Ken S (Nov 25)
  - Re: Sun Java Plugin arbitrary package access vulnerability Peter Greenwood (Nov 25)