Jay, It's an assumption on my part, but there is a quick way to test. The problem was originally reported by a japaneese java group who has frequently in the past focused on MS Java Virtual Machien bugs. There is a test page for browsers that use the JDK to test for this bug found at: http://java-house.etl.go.jp/~takagi/java/security/mrj-clipboard/ The test page is Test.html in that directory and the source of the exploit is Test.java. Of course using this requires you to have a browser which uses the JRE included in the JDK or separate ones. Currently Opera, Mozilla, and Netscape 6 are the only browsers I can think of off the top of my head that use this. I suppose you can try downloading and running the applet via cli if you don't want to install a browser on the system to be sure... Regards, Stan -- Stan Bubrouski stanat_private 23 Westmoreland Road, Hingham, MA 02043 Cell: (617) 835-3284 On Wed, 24 Oct 2001, Jay D. Dyson wrote: > -----BEGIN PGP SIGNED MESSAGE----- > > On Wed, 24 Oct 2001, Stanley G. Bubrouski wrote: > > > It appears it affects all versions of JDK before 1.3.1x... > > I see. Have you made Sun aware of this? :) > > -----BEGIN PGP SIGNATURE----- > Version: 2.6.2 > Comment: See http://www.treachery.net/~jdyson/ for current keys. > > iQCVAwUBO9a9nLlDRyqRQ2a9AQG0hwP+Ol3KQIfxVzzUcNW5N8whPJsAr0NVw2us > RGd00E+BozRUkOeXGre1t3lEFa5xhrdjQFTIXkAwzteGn3dAimJsfUxVjspFOAZ4 > ST2EoaiSvZ50ESgAnoWZQ50Z7fQTt5pef6M3s6UEZN6laYebnATlRI38GhPaleyR > CPktPVEc4GQ= > =M6B8 > -----END PGP SIGNATURE----- >
This archive was generated by hypermail 2b30 : Wed Oct 24 2001 - 13:15:06 PDT