[Japanese] | |
JVNDB-2005-000705 | |
Fujitsu Java Runtime Environment reflection API vulnerability | |
Overview | |
A vulnerability exists in the reflection API in the Java Runtime Environment that may allow a Java applet to elevate its privileges bypassing its security restrictions. | |
CVSS Severity (What is CVSS?) | |
CVSS V2 Severity:
Base Metrics 7.5 (High) [IPA Score]
| |
Affected Products | |
| |
IBM Corporation | |
| |
Impact | |
If a user downloads and executes a specially crafted applet, a remote attacker could access local files with the elevated privileges or execute arbitrary code with the privilege of the user running the applet. | |
Solution | |
| |
Vendor Information | |
IBM Corporation | |
CWE (What is CWE?) | |
| |
CVE (What is CVE?) | |
| |
References | |
| |
Revision History | |
|
Date Public | 2005/11/28 |
Date First Published | 2008/05/21 |
Date Last Updated | 2008/05/21 |