header-logo
Suggest Exploit
vendor:
Communicator
by:
SecurityFocus
7.5
CVSS
HIGH
Redirection of Program Flow
94
CWE
Product Name: Communicator
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Netscape Communicator Java! JustInTime Compiler Vulnerability

A vulnerability has been discovered in the Java! JustInTime compiled used by Netscape Communicator, related to the generation of Intel instructions from specially constructed Java bytecode. If a malicious applet is compiled by the vulnerable compiler, it may be possible to redirect program flow to point to attacker-controlled memory. Successful execution of attacker-supplied instructions may result in arbitrary system commands being executed outside of the Java sandbox, with privileges of the JVM process.

Mitigation:

Ensure that all applications are kept up-to-date with the latest security patches and updates.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/6222/info

A vulnerability has been discovered in the Java! JustInTime compiled used by Netscape Communicator, related to the generation of Intel instructions from specially constructed Java bytecode.

If a malicous applet is compiled by the vulnerable compiler, it may be possible to redirect program flow to point to attacker-controlled memory.

Successful execution of attacker-supplied instructions may result in arbitrary system commands being executed outside of the Java sandbox, with privileges of the JVM process.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/22028.tar.gz

Navigation

Suggest Exploit

Services By CQR