Java plugin vulnerability

Details

There are a number of private Java packages in the Java VM, meant to be used only by the VM internally. Java applets can't normally access these packages because of security concerns. Attempting to access them normally results in an AccessControlException.

The problem is that JavaScript code can bypass the access control by using the so-called reflection API. The following piece of example JavaScript acquires a reference to a supposedly restricted, private class "sun.text.Utility":

[script language=javascript]
// Reflection through the applet's Class object hands back the restricted class
var c=document.applets[0].getClass().forName('sun.text.Utility');
alert('got Class object: '+c);
[/script]

This is huge…
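For reviewing pages that embed applets, the following is an added example (not code from the advisory or from the Java plugin) that flags script source requesting classes from restricted packages through `forName`. The restricted prefix list and all function names are assumptions for illustration; the prefix rule is modelled on how the JVM matches entries of its `package.access` security property.

```javascript
// ASSUMPTION: constructed prefix list in the style of the JVM's package.access
// property; replace it with the list configured on the JVM being defended.
const RESTRICTED_PREFIXES = ['sun.'];

// A package is restricted if it starts with an entry, or if the entry
// is exactly the package name followed by a dot.
function isRestrictedPackage(pkg, prefixes = RESTRICTED_PREFIXES) {
  return prefixes.some((p) => pkg.startsWith(p) || p === pkg + '.');
}

// 'sun.text.Utility' -> 'sun.text'; a class with no package -> ''
function packageOf(className) {
  const i = className.lastIndexOf('.');
  return i === -1 ? '' : className.slice(0, i);
}

// forName('<literal>') calls. Typographic quotes are accepted as well,
// because snippets copied from web pages often carry them.
const FOR_NAME =
  /\.forName\s*\(\s*['"\u2018\u2019\u201C\u201D]([\w.$]+)['"\u2018\u2019\u201C\u201D]/g;

// Returns [{ line, className }] for every restricted lookup in the source.
function findRestrictedLookups(source, prefixes = RESTRICTED_PREFIXES) {
  const findings = [];
  source.split('\n').forEach((text, idx) => {
    for (const m of text.matchAll(FOR_NAME)) {
      if (isRestrictedPackage(packageOf(m[1]), prefixes)) {
        findings.push({ line: idx + 1, className: m[1] });
      }
    }
  });
  return findings;
}

// Constructed sample inputs: the snippet from this page and a benign lookup.
const PAGE_SNIPPET = [
  "var c=document.applets[0].getClass().forName('sun.text.Utility');",
  "alert('got Class object: '+c);",
].join('\n');
const BENIGN =
  "var s=document.applets[0].getClass().forName('java.lang.String');";

console.log(findRestrictedLookups(PAGE_SNIPPET));
console.log(findRestrictedLookups(BENIGN));
```

The scanner only sees class names written as string literals, so treat a clean result as one input to review, not as proof that a page is safe.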
