| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Microsoft Security Bulletin MS02-013: Java Applet Can Redirect Browser Traffic | |
|
||
| Time: 09:18 EST/14:18 GMT | News Source: ActiveWin.com | Posted By: Robert Stein | ||
|
The version of the Microsoft VM that ships with Internet Explorer version 4.x and 5.x contains a flaw affecting how Java requests for proxy resources are handled. A malicious Java applet could exploit this flaw to re-direct web traffic once it has left the proxy server to a destination of the attacker’s choice. An attacker could use this flaw to send a user’s Internet session to a system of his own control, without the user being aware of this. The attacker could then forward the information on to the intended destination, giving the appearance that the session was behaving normally. The attacker could then send his own malicious response, making it seem to come from the intended destination, or could discard the session information, creating the impression of a denial of service. Additionally, the attacker could capture and save the user’s session information. This could enable him to execute a replay attack or to search for sensitive information such as user names or passwords. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 304 Last | Next |
The time now is
5:02:58 PM
ET.
Any comment problems? E-mail us |
| #1 By 3653 (68.53.80.99) at 3/5/2002 10:41:04 PM |
|
#5... you should check your facts. It isn't just a Microsoft flaw. Sun's own JVM is faulty too. Read all about it at the link below. And how funny that you would call #1 stupid. Who's stupid now?
http://www.infoworld.com/articles/hn/xml/02/03/05/020305hnmsflaw2.xml Versions 6.1 and lower of Netscape could contain the flaw, according to a Sun security bulletin. In addition, users of Sun's Solaris operating system that have not installed periodic updates could also be affected. |
| #2 By 3653 (68.53.80.99) at 3/5/2002 10:41:47 PM |
| EMR6130, would you like to amend your statement? |
|
Write Comment
Return to News |
Displaying 1 through 25 of 304 Last | Next |
The time now is
5:02:58 PM
ET.
Any comment problems? E-mail us |
