Re: JRE < 1.4.2_04 vulnerability

[<full-disclosure () nym hush com>]

> I am confused, being a newblet, how this can be a vulnerability 
> without an exploit.  Is it just that Sun does not want to admit that

> there is an exploit?  

It's a vulnerability because it's exploitable.  There's no known exploit
(according to securityfocus.com) because there's no widely published
and publicly available exploit code.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html