Threat | Program Threats cont’d

• Browser components

  • ActiveX or JAVA applets downloaded automatically from web page
  • JAVA applets constrained to sandbox, but implementation errors can be exploited
  • ActiveX components unrestricted, security depends on evaluating their source
  • Trusted components oftentimes marked safe for scripting
    • Provides useful functionality
    • Provides potential vulnerabilities