Reposted from RISKS: ---------------------------------------------------------------------- Date: Fri, 17 May 1996 17:11:34 -0400 From: Ed Felten <felten@CS.Princeton.EDU> Subject: Netscape 2.02 RISK SECURITY FLAW IN NETSCAPE 2.02 We have discovered an attack that allows a Java applet running under Netscape Navigator 2.02 to generate and execute arbitrary machine code. The attack combines a new security bug found by Tom Cargill with some ideas previously discovered by the Princeton team. We have implemented a demonstration applet that deletes a file. We are not yet releasing technical details. For more information, contact Ed Felten (felten@cs.princeton.edu, 609-258-5906), or see http://www.cs.princeton.edu/sip/News.html Tom Cargill Independent Consultant http://www.csn.net/~cargill/ Dirk Balfanz, Drew Dean, Ed Felten, Dan Wallach Dept. of Computer Science, Princeton University http://www.cs.princeton.edu/sip/ ------------------------------ ------------------------------------------------------------------------- Steven Weller | Weller's three steps to Greatness: | 1. See what others cannot | 2. Think what others cannot stevenw@best.com | 3. Express what others cannot