Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
Database
Search
Advisories by Product
Advisories by Vendor
Terminology
Report Vulnerability
Insecure Library Loading
Highly critical

Sun Java JDK / JRE Multiple Vulnerabilities

-

Release Date:  2008-07-09    Last Update:  2008-07-18    Views:  70,583

Secunia Advisory SA31010

Where:

From remote

Impact:

Security Bypass, Exposure of system information, Exposure of sensitive information, DoS, System access

Solution Status:

Vendor Patch

CVE Reference(s):

Description


Some vulnerabilities have been reported in Sun Java, which can be exploited by malicious people to bypass certain security restrictions, disclose system information or potentially sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system.

1) An error in the Java Runtime Environment Virtual Machine can be exploited by a malicious, untrusted applet to read and write local files and execute local applications.

2) An error in the Java Management Extensions (JMX) management agent can be exploited by a JMX client to perform certain unauthorized operations on a system running JMX with local monitoring enabled.

3) Two errors within the scripting language support in the Java Runtime Environment can be exploited by malicious, untrusted applets to access information from another applet, read and write local files, and execute local applications.

4) Boundary errors in Java Web Start (e.g. within the "GetVMArgsOption()" function when parsing specially crafted JNLP files) can be exploited by an untrusted Java Web Start applications to cause buffer overflows.

5) Three errors in Java Web Start (e.g. a directory traversal within the "writeManifest()" function) can be exploited by an untrusted Java Web Start applications to create or delete arbitrary files with the privileges of the user running the untrusted Java Web Start application, or to determine the location of the Java Web Start cache.

6) An error in the implementation of Secure Static Versioning allows applets to run on an older release of JRE.

7) Errors in the Java Runtime Environment can be exploited by an untrusted applet to bypass the same origin policy and establish socket connections to certain services running on the local host.

8) An error in the Java Runtime Environment when processing certain XML data can be exploited to allow unauthorized access to certain URL resources or cause a DoS.

Successful exploitation requires the JAX-WS client or service in a trusted application to process the malicious XML data.

9) An error in the Java Runtime Environment when processing certain XML data can be exploited by an untrusted applet or application to gain unauthorized access to certain URL resources.

10) A boundary error when processing fonts in the Java Runtime Environment can be exploited to cause a buffer overflow.

Please see the vendor advisories for details on affected products and versions.


Solution:
Update to the fixed version.

Further details available to Secunia VIM customers

Provided and/or discovered by:
1) The vendor credits Fujitsu
4) The vendor credits:
* John Heasman of NGSSoftware
* An anonymous researcher, reporting via ZDI
5) Peter Csepely, reporting via ZDI
6) The vendor credits John Heasman of NGSSoftware
7) The vendor credits Gregory Fleischer
10) The vendor credits John Heasman of NGSSoftware

Original Advisory:
Sun:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238628-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238666-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238687-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238905-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238965-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238966-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238967-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238968-1

ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-08-042/
http://www.zerodayinitiative.com/advisories/ZDI-08-043/

Deep Links:
Links available to Secunia VIM customers

Do you have additional information related to this advisory?

Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this information to vuln@secunia.com

Subject: Sun Java JDK / JRE Multiple Vulnerabilities

No posts yet

-

You must be logged in to post a comment.



 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Factsheets
Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability