Java plugin vulnerability



There is a number of private Java packages in the Java VM, meant to be used only by the VM internally. Java Applets can’t normally access these packages because of security concerns. Attempting to access them normally results in an AccessControlException.

The problem is that JavaScript code can bypass the access control by using so called reflection API. The following piece of example JavaScript acquires a reference to a supposedly restricted, private class “sun.text.Utility”:

[script language=javascript]
var c=document.applets[0].getClass().forName(‘sun.text.Utility’);
alert(‘got Class object: ‘+c)



Leave a Reply

Your email address will not be published. Required fields are marked *