Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: P3
Fix Version/s: 7
Affects Version/s: 7
Component/s: client-libs
Labels:
None

Subcomponent:
javax.swing
Resolved In Build:
b27
CPU:

generic
OS:

generic

There is an oversight in the fix for 6675802. It allows a malicious applet to show an always-on-top popup menu which has the whole screen size. A code example is below:
=== Source Begin ===
import javax.swing.*;
import java.awt.*;

public class MaliciousApplet extends JApplet {
    public void start() {
        JPopupMenu popupMenu = new JPopupMenu();
        popupMenu.add(new JMenuItem("Click"));

        Dimension screenSize = Toolkit.getDefaultToolkit().getScreenSize();
        popupMenu.setPopupSize(screenSize);

        popupMenu.show(null, 0, 0);
    }
}
=== Source End ===

relates to

JDK-6580930 Swing Popups should overlap taskbar

Resolved

JDK-8074481 [macosx] Menu items are appearing on top of other windows

Resolved

JDK-6694823 A popup menu can be partially hidden under the task bar in applets

Resolved

JDK-6675802 Regression: heavyweight popups cause SecurityExceptions in applets

Closed

Assignee:: Mikhail Lapshin (Inactive)

Reporter:: Mikhail Lapshin (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Created:: 2008-04-21 09:13

Updated:: 2015-03-17 07:52

Resolved:: 2008-04-30 10:01

Imported:: 16/Sep/12 7:41 AM

Indexed:: 18/Jul/12 3:16 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates