Sun Java JRE / Web Start Java Plug-in Untrusted Applet Privilege Escalation
High Nessus Plugin ID 18480
SynopsisThe remote Windows host contains a runtime environment that is affected by multiple vulnerabilities.
DescriptionThe remote host is using a vulnerable version of Sun Java Runtime Plug-in, an web browser addon used to display Java applets.
It has been reported that the JRE Plug-in Security can be bypassed.
A remote attacker could exploit this by tricking a user into viewing a maliciously crafted web page.
Additionally, a denial of service vulnerability is present in this version of the JVM. This issue is triggered by viewing an applet that misuses the serialization API.
SolutionUpgrade to JRE 1.4.2_08 / 1.5.0 update 2 or later.