Version(s): prior to 1.4.2_06
Description: iDEFENSE reported a vulnerability in Sun's Java plug-in. A remote applet can bypass Java sandbox security mechanisms and execute arbitrary code on the target system.
Web browsers using the plug-in with an affected version of the Java Virtual Machine are vulnerable.
The vendor was notified on June 29, 2004.
The original advisory is available at:
Impact: A remote user can execute arbitrary code on the target user's system.
Solution: The vendor has issued a fixed version (1.4.2_06), available at:
IBM Fixes DoS Server Holes
Two Denial of Service (DoS) exposures have been identified in releases of IBM HTTP Server V2.0. CAN-2004-0942 and CAN-2004-0809.
Both exposures are resolved with the following interim fix for APAR PQ94389: