Bulletin MS02-069
From: B F (zaphod_b71@hotmail.com)
Date: 12/13/02
- Previous message: Ogle Ron (Rennes): "RE: IIS 4 Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "B F" <zaphod_b71@hotmail.com> To: focus-ms@securityfocus.com Date: Fri, 13 Dec 2002 15:49:41 +0100
Hi,
quote from the Adivsory:
<snip>
A security vulnerability through which an untrusted
Java applet could access COM objects. By design, COM
objects should only be available to trusted Java
programs because of the functionality they expose. COM
objects are available that provide functionality through
which an attacker could take control of the system.
<snip>
Does that mean that this vulnerability can also be used
to get administrator privs on the local computer via an java
applet???
Regards
Bjoern
_________________________________________________________________
Tired of spam? Get advanced junk mail protection with MSN 8.
http://join.msn.com/?page=features/junkmail
- Next message: Jason Huan: "Exchange 5.5 delivery receipts"
- Previous message: Ogle Ron (Rennes): "RE: IIS 4 Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
