Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sun Java跨站Applet Sandbox安全模型冲突漏洞
Vulnerability Description
Sun Java 2 SDK是一款Java实现平台。 Sun Java实现存在一个漏洞,允许Java Applet违反sandbox安全模型,读/写访问不同域中数据。 来自不同站点的跨站(Cross-Site)applet可通过未文档化JDK静态变量共享数据域。当更改这些变量JDK内部状态会遭到破坏和部分功能不正常。这尤其牵涉到依靠org.apache.xalan.processor.XSLProcessorVersion类进行XML处理时,会导致对sandbox安全模型冲突,使未标记applet能未授权
CVSS Information
N/A
Vulnerability Type
N/A