Apple Mac OS X Java Calendar Deserialisation Code Execution Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 22 May 2009 4792 Views

RISK: Medium Risk

Medium Risk

A vulnerability has been identified in Apple Mac OS X, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by an error in Java within the deserialization of Calendar objects, which could be exploited by attackers to bypass the Java sandbox and execute arbitrary code by tricking a user into visiting a web page containing a malicious applet.

Impact

  • Remote Code Execution

System / Technologies affected

  • Apple Mac OS X versions 10.x
  • Apple Mac OS X Server versions 10.x

Solutions

Note: There is no patch available for this vulnerability currently.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Winamplibsndfile.dll VOC File Processing Heap Overflow Vulnerability

19 May 2009 4778 Views

Next

Novell GroupWise Multiple Vulnerabilities

25 May 2009 4924 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY