----- Original Message ----- From: "Alla Bezroutchko" <alla@xxxxxxxxx> To: <bugtraq@xxxxxxxxxxxxxxxxx>; <full-disclosure@xxxxxxxxxxxxxxxx> Sent: Thursday, November 25, 2004 4:33 AM Subject: [Full-Disclosure] Re: Sun Java Plugin arbitrary package access vulnerability > > As noted by rodmoses(at)yahoo(dot)com Opera remains vulnerable even > after the upgrade of JVM to version 1.4.2_06. (tested on Windows XP SP2, > Opera 7.54, J2SE 1.4.2_06). > This wasn't mentioned in the original disclosure announcement, but is it safe to assume that jre-1.5.0 would *not* be vulnerable? Or has it not been tested? Paul Schmehl (pauls@xxxxxxxxxxxx) Adjunct Information Security Officer University of Texas at Dallas http://www.utdallas.edu/ AVIEN Founding Member
