Patch-ID# 106678-01 Keywords: ENCRYPTION, INTERNATIONAL: Netscape4.05 ClassLoader Java Vulnerability Synopsis: Netscape 4.05: ClassLoader Java vulnerability Date: Oct/28/98 ****************************************************** The items made available through this website are subject to United States export laws and may be subject to export and import laws of other countries. You agree to strictly comply with all such laws and obtain licenses to export, re-export, or import as may be required. Unless expressly authorized by the United States Government to do so you will not, directly or indirectly, export or re-export the items made available through this website, nor direct the items therefrom, to any embargoed or restricted country identified in the United States export laws, including but not limited to the Export Administration Regulations (15 C.F.R. Parts 730-774). ****************************************************** Solaris Release: 2.5, 2.5.1, 2.6, 7 SunOS Release: 5.5, 5.5.1, 5.6, 5.7 Unbundled Product: Netscape Unbundled Release: 4.05 Relevant Architectures: sparc BugId's fixed with this patch: 4164162 Changes incorporated in this version: Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: NSCPcom NSCPcom/libjsd.so NSCPcom/.netscape.bin NSCPcom/movemail NSCPcom/vreg NSCPcom/XKeysymDB NSCPcom/registry NSCPcom/netscape NSCPcom/lib 0755 NSCPcom/lib/locale NSCPcom/lib/locale/C NSCPcom/lib/locale/C/nethelp NSCPcom/lib/locale/C/nethelp/Back_dep.gif NSCPcom/lib/locale/C/nethelp/Back_dis.gif NSCPcom/lib/locale/C/nethelp/Back_sel.gif NSCPcom/lib/locale/C/nethelp/Back_up.gif NSCPcom/lib/locale/C/nethelp/Exit_dep.gif NSCPcom/lib/locale/C/nethelp/Exit_sel.gif NSCPcom/lib/locale/C/nethelp/Exit_up.gif NSCPcom/lib/locale/C/nethelp/Forw_dep.gif NSCPcom/lib/locale/C/nethelp/Forw_dis.gif NSCPcom/lib/locale/C/nethelp/Forw_sel.gif NSCPcom/lib/locale/C/nethelp/Forw_up.gif NSCPcom/lib/locale/C/nethelp/Prnt_dep.gif NSCPcom/lib/locale/C/nethelp/Prnt_sel.gif NSCPcom/lib/locale/C/nethelp/Prnt_up.gif NSCPcom/lib/locale/C/nethelp/Tool_dep.gif NSCPcom/lib/locale/C/nethelp/Tool_sel.gif NSCPcom/lib/locale/C/nethelp/Tool_up.gif NSCPcom/lib/locale/C/nethelp/Wait.gif NSCPcom/lib/locale/C/nethelp/Blank.htm NSCPcom/lib/locale/C/nethelp/CntTool.htm NSCPcom/lib/locale/C/nethelp/IdxFill.htm NSCPcom/lib/locale/C/nethelp/IdxKey.htm NSCPcom/lib/locale/C/nethelp/IdxTool.htm NSCPcom/lib/locale/C/nethelp/IdxTopic.htm NSCPcom/lib/locale/C/nethelp/NSHIfrm.htm NSCPcom/lib/locale/C/nethelp/NavUI.htm NSCPcom/lib/locale/C/nethelp/NoJSerr.htm NSCPcom/lib/locale/C/nethelp/Status.htm NSCPcom/lib/locale/C/nethelp/System.htm NSCPcom/lib/locale/C/nethelp/ToolUI.htm NSCPcom/lib/locale/C/nethelp/Button.js NSCPcom/lib/locale/C/nethelp/CntData.js NSCPcom/lib/locale/C/nethelp/CntTool.js NSCPcom/lib/locale/C/nethelp/Header.js NSCPcom/lib/locale/C/nethelp/IdxData.js NSCPcom/lib/locale/C/nethelp/Local-1.js NSCPcom/lib/locale/C/nethelp/Stack.js NSCPcom/lib/locale/C/nethelp/System.js NSCPcom/lib/locale/C/nethelp/Topic.js NSCPcom/lib/locale/C/nethelp/netscape NSCPcom/lib/locale/C/nethelp/netscape/collabra NSCPcom/lib/locale/C/nethelp/netscape/collabra/collabra.gif NSCPcom/lib/locale/C/nethelp/netscape/collabra/discgrps.gif NSCPcom/lib/locale/C/nethelp/netscape/collabra/coll.htm NSCPcom/lib/locale/C/nethelp/netscape/collabra/collHdr.htm NSCPcom/lib/locale/C/nethelp/netscape/collabra/help.hpf NSCPcom/lib/locale/C/nethelp/netscape/composer NSCPcom/lib/locale/C/nethelp/netscape/composer/comp.htm NSCPcom/lib/locale/C/nethelp/netscape/composer/compHdr.htm NSCPcom/lib/locale/C/nethelp/netscape/composer/composer.gif NSCPcom/lib/locale/C/nethelp/netscape/composer/comtlbr2.gif NSCPcom/lib/locale/C/nethelp/netscape/composer/fmtlbr3.gif NSCPcom/lib/locale/C/nethelp/netscape/composer/help.hpf NSCPcom/lib/locale/C/nethelp/netscape/composer/tagicon2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc NSCPcom/lib/locale/C/nethelp/netscape/confernc/brws2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/chat2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/circle2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/conf.htm NSCPcom/lib/locale/C/nethelp/netscape/confernc/confHdr.htm NSCPcom/lib/locale/C/nethelp/netscape/confernc/confernc.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/eraser2.gif NSCPPcom/lib/locale/C/nethelp/netscape/confernc/fhndtl2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/filex2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/help.hpf NSCPcom/lib/locale/C/nethelp/netscape/confernc/horline2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/line2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/pointer2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/rect2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/txttool2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/whtbd2.gif NSCPcom/lib/locale/C/nethelp/netscape/home NSCPcom/lib/locale/C/nethelp/netscape/home/help.hpf NSCPcom/lib/locale/C/nethelp/netscape/home/home.gif NSCPcom/lib/locale/C/nethelp/netscape/home/home.htm NSCPcom/lib/locale/C/nethelp/netscape/home/homeHdr.htm NSCPcom/lib/locale/C/nethelp/netscape/messengr NSCPcom/lib/locale/C/nethelp/netscape/messengr/help.hpf NSCPcom/lib/locale/C/nethelp/netscape/messengr/mailbox.gif NSCPcom/lib/locale/C/nethelp/netscape/messengr/mess.htm NSCPcom/lib/locale/C/nethelp/netscape/messengr/messHdr.htm NSCPcom/lib/locale/C/nethelp/netscape/messengr/messengr.gif NSCPcom/lib/locale/C/nethelp/netscape/messengr/mpctrl.gif NSCPcom/lib/locale/C/nethelp/netscape/navigatr NSCPcom/lib/locale/C/nethelp/netscape/navigatr/help.hpf NSCPcom/lib/locale/C/nethelp/netscape/navigatr/nav.htm NSCPcom/lib/locale/C/nethelp/netscape/navigatr/navHdr.htm NSCPcom/lib/locale/C/nethelp/netscape/navigatr/navigatr.gif NSCPcom/lib/locale/C/nethelp/netscape/netcastr NSCPcom/lib/locale/C/nethelp/netscape/netcastr/help.hpf NSCPcom/lib/locale/C/nethelp/netscape/netcastr/net.htm NSCPcom/lib/locale/C/nethelp/netscape/netcastr/netHdr.htm NSCPcom/lib/locale/C/nethelp/netscape/netcastr/netcastr.gif NSCPcom/lib/locale/C/nethelp/netscape/shared NSCPcom/lib/locale/C/nethelp/netscape/collabra/collHdr.htm NSCPcom/lib/locale/C/nethelp/netscape/collabra/help.hpf NSCPcom/lib/locale/C/nethelp/netscape/composer NSCPcom/lib/locale/C/nethelp/netscape/composer/comp.htm NSCPcom/lib/locale/C/nethelp/netscape/composer/compHdr.htm NSCPcom/lib/locale/C/nethelp/netscape/composer/composer.gif NSCPcom/lib/locale/C/nethelp/netscape/composer/comtlbr2.gif NSCPcom/lib/locale/C/nethelp/netscape/composer/fmtlbr3.gif NSCPcom/lib/locale/C/nethelp/netscape/composer/help.hpf NSCPcom/lib/locale/C/nethelp/netscape/composer/tagicon2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc NSCPcom/lib/locale/C/nethelp/netscape/confernc/brws2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/chat2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/circle2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/conf.htm NSCPcom/lib/locale/C/nethelp/netscape/confernc/confHdr.htm NSCPcom/lib/locale/C/nethelp/netscape/confernc/confernc.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/eraser2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/fhndtl2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/filex2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/help.hpf NSCPcom/lib/locale/C/nethelp/netscape/confernc/horline2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/line2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/pointer2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/rect2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/txttool2.gif NSCPcom/lib/locale/C/nethelp/netscape/confernc/whtbd2.gif NSCPcom/lib/locale/C/nethelp/netscape/home NSCPcom/lib/locale/C/nethelp/netscape/home/help.hpf NSCPcom/lib/locale/C/nethelp/netscape/home/home.gif NSCPcom/lib/locale/C/nethelp/netscape/home/home.htm NSCPcom/lib/locale/C/nethelp/netscape/home/homeHdr.htm NSCPcom/lib/locale/C/nethelp/netscape/messengr NSCPcom/lib/locale/C/nethelp/netscape/messengr/help.hpf NSCPcom/lib/locale/C/nethelp/netscape/messengr/mailbox.gif NSCPcom/lib/locale/C/nethelp/netscape/messengr/mess.htm NSCPcom/lib/locale/C/nethelp/netscape/messengr/messHdr.htm NSCPcom/lib/locale/C/nethelp/netscape/messengr/messengr.gif NSCPcom/lib/locale/C/nethelp/netscape/messengr/mpctrl.gif NSCPcom/lib/locale/C/nethelp/netscape/navigatr NSCPcom/lib/locale/C/nethelp/netscape/navigatr/help.hpf NSCPcom/lib/locale/C/nethelp/netscape/navigatr/nav.htm NSCPcom/lib/locale/C/nethelp/netscape/navigatr/navHdr.htm NSCPcom/lib/locale/C/nethelp/netscape/navigatr/navigatr.gif NSCPcom/lib/locale/C/nethelp/netscape/netcastr NSCPcom/lib/locale/C/nethelp/netscape/netcastr/help.hpf NSCPcom/lib/locale/C/nethelp/netscape/netcastr/net.htm NSCPcom/lib/locale/C/nethelp/netscape/netcastr/netHdr.htm NSCPcom/lib/locale/C/nethelp/netscape/netcastr/netcastr.gif NSCPcom/lib/locale/C/nethelp/netscape/shared Problem Description: The ClassLoader Java vulnerability could allow a malicious web site operator to use a Java applet to read, modify, or delete files on a user's local machine. Only users who visit the malicious web site where such a Java applet resides and who run the applet would be affected. Patch Installation Instructions: -------------------------------- For Solaris 2.0-2.6 releases, refer to the Install.info file and/or the README within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch." For Solaris 7 release, refer to the man pages for instructions on using 'patchadd' and 'patchrm' scripts provided with Solaris. Any other special or non-generic installation instructions should be described below as special instructions. The following example installs a patch to a standalone machine: example# patchadd /var/spool/patch/106678-01 The following example removes a patch from a standalone system: example# patchrm 106678-01 For additional examples please see the appropriate man pages." Special Install Instructions: ----------------------------- NONE