wylbur37 wrote:
The web page at http://misogyny-central.com/fp1.html
runs a Java applet. The pertinent code is shown here ...
applet code=Time.class
codebase=http://misogyny-central.com/ipw-web/date/;
width=308
height=20
param name=textcolor value=00
Joe wrote:
In article [EMAIL PROTECTED],
[EMAIL PROTECTED] says...
Is there any way of knowing what the applet Time.class will do?
Just because it's named Time.class doesn't mean it has anything
to do with time. (A Java program can be named *anything* to hide
its true intent, and could
AvianFlux wrote:
There's a way to take out any risks associated with applets that's
built into the Java Control Panel settings, however.
Launch the Control Panel, disable Java applet cacheing. As a added
precaution, set Temporary Internet Files storage to 0 MBs. That way
nothing, Java
wylbur37 wrote:
If you visit a webpage that runs a malicious Java applet,
it'll do its dirty deed whether there's a cache or not, wouldn't it?
So how would the absence of a cache help you?
Because, Java applets applications will not be saved to a file unless
the Control Panel preferences are
This is what Jotti's Malware Scan returns for 'Time.class':
http://virusscan.jotti.org/
File: Time.class
Status: OK
MD5 23e95f3c2fb63e84d4a0c14269667d2a
Packers detected: -
Scanner results
AntiVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
Hi!
wylbur37 wrote:
AvianFlux wrote:
There's a way to take out any risks associated with applets that's
built into the Java Control Panel settings, however.
Launch the Control Panel, disable Java applet cacheing. As a added
precaution, set Temporary Internet Files storage to 0 MBs. That way
wylbur37 wrote:
Do you know of any decompiler that would, in effect,
convert a .class file back to a .java file?
http://kpdus.tripod.com/jad.html#general
___
Mozilla-security mailing list
Mozilla-security@mozilla.org
The web page at http://misogyny-central.com/fp1.html
runs a Java applet. The pertinent code is shown here ...
applet code=Time.class
codebase=http://misogyny-central.com/ipw-web/date/;
width=308
height=20
param name=textcolor value=00
param
In article [EMAIL PROTECTED],
[EMAIL PROTECTED] says...
Is there any way of knowing what the applet Time.class will do?
Just because it's named Time.class doesn't mean it has anything
to do with time. (A Java program can be named *anything* to hide
its true intent, and could conceivably be
javap (part of the SDK) produces 'disassembled java' and could be
useful in this context.
Important to check is your java policy file, located in
java.home\lib\security\java.policy or user.home\.java.policy - this
file allows you to grant permissions to certain sites / applets. (or
use
10 matches
Mail list logo
