CERT mailing list archives
Current Activity - Sun Java Deployment Toolkit Plugin and ActiveX Control Vulnerability
From: Current Activity <us-cert () us-cert gov>
Date: Tue, 13 Apr 2010 10:55:33 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 US-CERT Current Activity Sun Java Deployment Toolkit Plugin and ActiveX Control Vulnerability Original release date: April 13, 2010 at 10:09 am Last revised: April 13, 2010 at 10:09 am The Sun Java Development Toolkit plugin and ActiveX control contain a vulnerability. This vulnerability is due to insufficient argument validation. By convincing a user to visit a specially crafted HTML document, an attacker may be able to exploit this vulnerability and execute an arbitrary JAR file on the affected system. US-CERT encourages users and administrators to review US-CERT Vulnerability Note VU#886582 and implement any necessary workarounds to help mitigate the risk until a fix is available from the product vendor. US-CERT will provide additional information as it becomes available. Relevant Url(s): <http://www.kb.cert.org/vuls/id/886582> ==== This entry is available at http://www.us-cert.gov/current/index.html#sun_java_deployment_toolkit_plugin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBS8SF1z6pPKYJORa3AQIS4gf+LbnFEDIEMCZAsAsvXVi/YDMto12Jzhbz 5noi+CKclzWkDiD0YE4gespF1z8n1uNzLgEYqkDIQb5gsj53Of1V9zYg/tMB4rZW cInmd8NaxvkeTGz97aBdiOtSuTnwPOWRF0cgIQrZWFO3f0K/HG4AJNNjmu1xrBJ/ 0UyUceUHHZOsAt8EpTn8/R00CFa4xW64PcXrmRD/OCZiBmNvZuZgumsqh9yK1uj6 ijfxT+dVNTU4H3fLoE0xMWyf3I0tYi4V1AySCwXLDjoBB/xJc90tcydtHia2hIbu 7d3LPOaF86nxaEuTTWOzYBsjkD4w1H4YRzusdHsDWI4U3wUmS6MPLA== =Kc4c -----END PGP SIGNATURE-----
Current thread:
- Current Activity - Sun Java Deployment Toolkit Plugin and ActiveX Control Vulnerability Current Activity (Apr 13)