A hacker would exploit the hole by using a distrusted Java applet to "listen" to data being transmitted between a client and an HTTP proxy server running a Java VM. Browsers that are not configured to surf via a proxy server are not affected.
Windows 98, 2000, and ME are affected by the problem, as well as all Internet Explorer browsers up to version 5.5. Versions of Netscape's browser, version 6.1 and lower, are also impacted, as are some Solaris and Linux releases that ship with the problematic virtual machine.
Microsoft issued an update to its Java VM this week, while Sun/Netscape have said users should upgrade to the latest version of its browser.
Note:All of article
The link for this article located at InternetWeek is no longer available.
