Current Activity - Sun Java Deployment Toolkit Plugin and ActiveX Control Vulnerability

[Current Activity <us-cert () us-cert gov>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

US-CERT Current Activity

Sun Java Deployment Toolkit Plugin and ActiveX Control Vulnerability

Original release date: April 13, 2010 at 10:09 am
Last revised: April 13, 2010 at 10:09 am


The Sun Java Development Toolkit plugin and ActiveX control contain a
vulnerability. This vulnerability is due to insufficient argument
validation. By convincing a user to visit a specially crafted HTML
document, an attacker may be able to exploit this vulnerability and
execute an arbitrary JAR file on the affected system.

US-CERT encourages users and administrators to review US-CERT
Vulnerability Note VU#886582 and implement any necessary workarounds
to help mitigate the risk until a fix is available from the product
vendor.

US-CERT will provide additional information as it becomes available.

Relevant Url(s):
<http://www.kb.cert.org/vuls/id/886582>

====
This entry is available at
http://www.us-cert.gov/current/index.html#sun_java_deployment_toolkit_plugin

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBS8SF1z6pPKYJORa3AQIS4gf+LbnFEDIEMCZAsAsvXVi/YDMto12Jzhbz
5noi+CKclzWkDiD0YE4gespF1z8n1uNzLgEYqkDIQb5gsj53Of1V9zYg/tMB4rZW
cInmd8NaxvkeTGz97aBdiOtSuTnwPOWRF0cgIQrZWFO3f0K/HG4AJNNjmu1xrBJ/
0UyUceUHHZOsAt8EpTn8/R00CFa4xW64PcXrmRD/OCZiBmNvZuZgumsqh9yK1uj6
ijfxT+dVNTU4H3fLoE0xMWyf3I0tYi4V1AySCwXLDjoBB/xJc90tcydtHia2hIbu
7d3LPOaF86nxaEuTTWOzYBsjkD4w1H4YRzusdHsDWI4U3wUmS6MPLA==
=Kc4c
-----END PGP SIGNATURE-----