CVE-2003-0896

Name of the Vulnerable Software and Affected Versions Java Virtual Machine (JVM) in Sun SDK and JRE versions 1.4.1 03 and earlier

Description The issue allows remote attackers to bypass sandbox restrictions and execute arbitrary code. This is achieved by loading a class name that contains "/" (slash) instead of "." (dot) characters, which bypasses a call to the Security Manager's checkPackageAccess method.

Recommendations For Java Virtual Machine (JVM) in Sun SDK and JRE versions 1.4.1 03 and earlier, update to a version later than 1.4.1 03 to resolve the issue.