*** IE flaw permits Java mischief

CobraBoy! (tbyars@earthlink.net)
Mon, 11 Aug 1997 11:35:02 -0700


A Colorado Java developer says he has discovered a flaw in Microsoft's
Internet Explorer that lets Java applets make mischief on users'
systems. CNet reports that Ben Mesander, a Java developer with
Creative Concepts in Boulder, Colo., said Internet Explorer 3.x and
4.0 let a Java applet open a network connection to a server other than
the one it came from. Such a connection is not allowed under the
current Java security model, which leads Mesander to believe the flaw
is in Microsoft's browser and not in Java itself. After looking at the
source code for Mesander's applet, a Sun Microsystems security expert
agreed. For the full story see
http://www.news.com/News/Item/0,4,13226,00.html?latest

-

... at least you can drive something fast, arm your-
self with powerful tools, and look good doing it.
- Preview Release of the Be Operating System

<> tbyars@earthlink.net <>