Description of problem:
A security vulnerability in the Java Runtime Environment Applet Class Loader may allow an untrusted applet that is loaded from a remote system to circumvent network access restrictions and establish socket connections to certain services running on the local host, as if it were loaded from the system that the applet is running on. This may allow the untrusted remote applet the ability to exploit any security vulnerabilities existing in the services it has connected to.

Version-Release number of selected component (if applicable):
Affects: RHEL4-EXTRAS-U5

Additional info:
IBM Java may also be affected (due to shared codebase).

This issue has been addressed in following products:
  Red Hat Enterprise Linux version 4 Extras
Via RHSA-2007:0818 https://rhn.redhat.com/errata/RHSA-2007-0818.html

This issue has been addressed in following products:
  Red Hat Enterprise Linux version 4 Extras
  RHEL Supplementary version 5
Via RHSA-2007:0829 https://rhn.redhat.com/errata/RHSA-2007-0829.html

This issue has been addressed in following products:
  Red Hat Enterprise Linux version 2.1
Via RHSA-2008:0133 https://rhn.redhat.com/errata/RHSA-2008-0133.html