Archived Content

In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
Alert

Sun Java Deployment Toolkit Plugin and ActiveX Control Vulnerability

Last Revised

The Sun Java Development Toolkit plugin and ActiveX control contain a vulnerability. This vulnerability is due to insufficient argument validation. By convincing a user to visit a specially crafted HTML document, an attacker may be able to exploit this vulnerability and execute an arbitrary JAR file on the affected system.



US-CERT encourages users and administrators to review US-CERT Vulnerability Note VU#886582 and implement any necessary workarounds to help mitigate the risk until a fix is available from the product vendor.



US-CERT will provide additional information as it becomes available.

This product is provided subject to this Notification and this Privacy & Use policy.