Phase:Mac OS Runtime for Java (MRJ) 2.2.3 allows remote attackers to use malicious applets to read files outside of the CODEBASE context via the ARCHIVE applet parameter.
ReferencesBUGTRAQ:Friday, December 15, 2000 Security Hole of MRJ 2.2.3 (Mac OS Runtime for Java) - Inconsistent Use of CODEBASE and ARCHIVE Attributes - | URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0241.html | XF:mrj-runtime-malicious-applets | URL:http:
Votes:Proposed (Friday, February 02, 2001)
Comments: ACCEPT(1) Frech | NOOP(3) Ziese, Wall, Cole
F7: