Sun Java Runtime Environment 1.x Java Plugin - JavaScript Security Restriction Bypass

Author: Jouko Pynnonen
type: dos
platform: multiple
port: 
date_added: 2004-11-22  
date_updated: 2013-03-13  
verified: 1  
codes: CVE-2004-1029;OSVDB-12095  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 24763.txt  

source: https://www.securityfocus.com/bid/11726/info

A vulnerability is reported to exist in the access controls of the Java to JavaScript data exchange within web browsers that employ the Sun Java Plug-in. Reports indicate that it is possible for a malicious website that contains JavaScript code to exploit this vulnerability to load a dangerous Java class and to pass this class to an invoked applet.

[script language=javascript]
var c=document.applets[0].getClass().forName('sun.text.Utility');
alert('got Class object: '+c)
[/script]