Bulletin MS02-069

From: B F (zaphod_b71@hotmail.com)
Date: 12/13/02

  • Next message: Jason Huan: "Exchange 5.5 delivery receipts"
    From: "B F" <zaphod_b71@hotmail.com>
    To: focus-ms@securityfocus.com
    Date: Fri, 13 Dec 2002 15:49:41 +0100


    quote from the Adivsory:

    A security vulnerability through which an untrusted
       Java applet could access COM objects. By design, COM
       objects should only be available to trusted Java
       programs because of the functionality they expose. COM
       objects are available that provide functionality through
       which an attacker could take control of the system.

    Does that mean that this vulnerability can also be used
    to get administrator privs on the local computer via an java


    Tired of spam? Get advanced junk mail protection with MSN 8.

    Relevant Pages

    • RE: JAVA un z/OS
      ... Additionally in the case of primitive integers, Java has to ... from Little Endian to Big Endian before sending the CPU instruction, ... than back after the instruction is done. ...
    • Re: StringBuilder Difficulties
      ... and my *guess* is that this is not horribly inefficient if the ... StringBuilder sb = new StringBuilder; ... that seems less optimal than trying to grok the Java mindset. ...
    • Re: StringBuilder Difficulties
      ... in order to use the language. ... You may have noticed that your issues with StringBuilder seem ... The usual solution in Java is to factor out an API into an interface and ...
    • Re: Is a "real" C-Python possible?
      ... I think most Java-Python benchmarks you can find online will indicate ... Java 1.1) piece of a paper if you read past the "benchmark" part. ... (snip rant about Swing memory leaks, ... Don't write large apps ...
    • Re: Great SWT Program
      ... Java Search and Plug-in Search. ... to use Eclipse I'd teach them it's internal search tools. ... (command-line tools as well as an IDE) ...