Sun Java Media Framework (JMF) Arbitrary Code Execution
High Nessus Plugin ID 11635
SynopsisA framework installed on the remote Windows host has a code execution vulnerability.
DescriptionThe remote host is using Sun Microsystems's Java Media Framework (JMF).
There is a bug in the version installed that may allow an untrusted applet to crash the Java Virtual Machine it is being run on, or even to gain unauthorized privileges.
An attacker could exploit this flaw to execute arbitrary code on this host. To exploit this flaw, the attacker would need to trick a user into running a malicious Java applet.
SolutionUpgrade to JMF 2.1.1e or later.