Java Plugin 1.4.2 Sandbox Escape via Reflection API

Key Information Vulnerability Name Java Plugin Arbitrary Package Access Vulnerability Overview Impact: Sun Microsystems' Java Plugin connects Java technology to web browsers, enabling the use of Java Applets. Vulnerability: A flaw in the Java Plugin allows attackers to create an Applet capable of disabling Java security restrictions and breaking out of the Java sandbox. The attack is triggered when the victim views a malicious webpage created by the attacker. Attack Method: No further user interaction is required; the Applet automatically loads and executes, enabling actions such as browsing, reading or modifying files, and uploading additional programs. Detailed Information Issue: JavaScript code can bypass access controls by using reflection APIs to obtain references to restricted private classes (e.g., ). Impact: Attackers can exploit other private classes to directly access memory or modify private fields of Java objects, and even disable the Java Security Manager. Code Example: Affected Versions Affected Versions: Java Plugin 1.4.2_04 and 1.4.2_05. Test Platforms: Windows and Linux. Browsers: Compatibility issues exist; Opera’s JavaScript and Java integration differs, causing exploitation attempts to fail in this browser. Solution Sun Microsystems was notified on April 29, 2004, and the issue was fixed in J2SE 1.4.2_06. The patched version can be downloaded from: http://java.sun.com/j2se/1.4.2/download.html Discoverer Researcher: Jouko Pynnonen (jouko@iki.fi), Finland.

Goal Reached Thanks to every supporter — we hit 100%!

Java Plugin 1.4.2 Sandbox Escape via Reflection API