CVE-2002-0058

Name of the Vulnerable Software and Affected Versions Java Runtime Environment (JRE) versions prior to the fixed version Netscape versions 6.0 through 6.1 and 4.79 and earlier Microsoft VM build 3802 and earlier

Description A remote issue in Java Runtime Environment allows malicious web sites to hijack or sniff a web client's sessions when an HTTP proxy is being used. This can be achieved via a Java applet that redirects the session to another server.

Recommendations For Java Runtime Environment versions prior to the fixed version, update to a version that contains a fix for this issue. For Netscape versions 6.0 through 6.1 and 4.79 and earlier, consider disabling Java applets until a patch is available. For Microsoft VM build 3802 and earlier, restrict access to Java applets in Internet Explorer 4.x and 5.x to minimize the risk of exploitation.