The Microsoft Java implementation, as used in Internet Explorer, allows remote malicious users to steal cookies and execute script in a different security context via a URL that contains a colon in the domain portion, which is not properly parsed and loads an applet from a malicious site within the security context of the site that is being visited by the user.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft java virtual machine 1.1 |