Sandbox Bypass in Microsoft Java Virtual Machine 5.0.0.3810
CVE-2004-0723

Currently unrated

Key Information:

Vendor: Microsoft
Status: Java Virtual Machine
Vendor: CVE Published:; 27 July 2004

Summary

The Microsoft Java Virtual Machine version 5.0.0.3810 contains a vulnerability that allows remote attackers to bypass sandbox restrictions. This flaw enables the retrieval and manipulation of data between applets hosted on different domains through the use of 'GET/Key' and 'PUT/Key/Value' commands. This cross-site Java exploit poses significant risks, as it undermines the security model intended to protect users from potentially harmful operations.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/16666

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/10688

vdb-entryx_refsource_BID

http://marc.info/?l=bugtraq&m=108948405808522&w=2

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Jul 27, 2004
Vulnerability Reserved
Jul 22, 2004