Java Runtime Environment Vulnerability in Sun SDK
CVE-2004-2764

Currently unrated

Key Information:

Vendor: Oracle
Status: Jre; Sdk
Vendor: CVE Published:; 2 June 2009

Summary

The vulnerability in the Sun SDK and Java Runtime Environment allows untrusted applets and unprivileged servlets to gain elevated privileges, leading to unauthorized access to sensitive data from other applets. This issue arises from unspecified vectors related to classes in the XSLT processor, commonly referred to as 'XML sniffing'. It highlights the risks associated with executing untrusted content in secure environments, necessitating careful management of applet permissions and security configurations.

References

http://groups.google.com/group/comp.security.unix/tree/br...

vendor-advisoryx_refsource_HP

https://exchange.xforce.ibmcloud.com/vulnerabilities/16864

vdb-entryx_refsource_XF

http://www.osvdb.org/8288

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Jun 2, 2009
Vulnerability Reserved
Jun 1, 2009