Bug 485116 – IcedTea plugin allows applets to call System.exit()

Bug 485116 - IcedTea plugin allows applets to call System.exit()

Summary:	IcedTea plugin allows applets to call System.exit()

Status:	CLOSED CURRENTRELEASE

Aliases:	None

Product:	Fedora
Classification:	Fedora
Component:	java-1.6.0-openjdk (Show other bugs)
Sub Component:
Version:	10
Hardware:	All Linux

Priority	low Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Deepak Bhole
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:

URL:
Whiteboard:
Keywords:	Security

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2009-02-11 12:27 EST by Deepak Bhole
Modified:	2009-04-23 15:28 EDT (History)
CC List:	4 users (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2009-04-23 15:28:15 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Deepak Bhole 2009-02-11 12:27:21 EST

An applet can call System.exit(), which in certain cases will cause the JVM to exit. Thus creating a potential DoS attack, as any other running applets will end up shutting down as well.

The fix is in the upstream repository, and need to be brought into Fedora (10 and Rawhide).

Comment 1 Deepak Bhole 2009-04-23 15:28:15 EDT

Fixed in all currently supported releases.

Note You need to log in before you can comment on or make changes to this bug.