Secunia SmallBusiness
Overview
Advisories
Research
Forums
Create Profile
Our Commitment
Database
Search
Advisories by Product
Advisories by Vendor
Terminology
Report Vulnerability
Insecure Library Loading

Secunia Advisory SA49472

Oracle Java Multiple Vulnerabilities
Secunia Advisory SA49472
Secunia VIM 4.0 - Free Trial
Release Date 2012-06-13
Last Update 2012-12-21
   
Popularity 38,801 views
Comments 1 comment

Criticality level Highly criticalHighly critical
Impact Cross Site Scripting
Manipulation of data
Exposure of sensitive information
DoS
System access
Where From remote
Authentication level This information is available to Secunia VIM customers
   
Report reliability This information is available to Secunia VIM customers
Solution Status Vendor Patch
   
Systems affected This information is available to Secunia VIM customers
Approve distribution This information is available to Secunia VIM customers
   
Software:
Oracle Java JDK 1.5.x / 5.x
Oracle Java JDK 1.7.x / 7.x
Oracle Java JRE 1.7.x / 7.x
Oracle Java SDK 1.4.x / 4.x
Sun Java JDK 1.6.x / 6.x
Sun Java JRE 1.4.x / 4.x
Sun Java JRE 1.5.x / 5.x
Sun Java JRE 1.6.x / 6.x
Secunia CVSS Score This information is available to Secunia VIM Customers
CVE Reference(s) CVE-2012-0551 CVSS score available to Secunia VIM customers
CVE-2012-1711 CVSS score available to Secunia VIM customers
CVE-2012-1713 CVSS score available to Secunia VIM customers
CVE-2012-1716 CVSS score available to Secunia VIM customers
CVE-2012-1717 CVSS score available to Secunia VIM customers
CVE-2012-1718 CVSS score available to Secunia VIM customers
CVE-2012-1719 CVSS score available to Secunia VIM customers
CVE-2012-1720 CVSS score available to Secunia VIM customers
CVE-2012-1721 CVSS score available to Secunia VIM customers
CVE-2012-1722 CVSS score available to Secunia VIM customers
CVE-2012-1723 CVSS score available to Secunia VIM customers
CVE-2012-1724 CVSS score available to Secunia VIM customers
CVE-2012-1725 CVSS score available to Secunia VIM customers
CVE-2012-1726 CVSS score available to Secunia VIM customers
  

Description

Multiple vulnerabilities have been reported in Oracle Java, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

1) An error in the "BasicService.showDocument" Java Webstart function allows passing additional parameters to a browser, which depending on the used default browser may allow execution of arbitrary code.

2) An error when handling System Properties through JNLP files can be exploited via untrusted Java Web Start applications and untrusted Java applets in a client deployment only.

3) An error in the Deployment subcomponent can be exploited via untrusted Java Web Start applications and untrusted Java applets in a client deployment only.

4) An error in the Hotspot subcomponent can be exploited via untrusted Java Web Start applications and untrusted Java applets in a client deployment only.

5) An error in the Hotspot subcomponent can be exploited via untrusted Java Web Start applications and untrusted Java applets in a client deployment only.

6) An error in the Swing subcomponent can be exploited via untrusted Java Web Start applications and untrusted Java applets in a client deployment only.

Successful exploitation of vulnerabilities #1 through #6 may allow execution of arbitrary code.

7) An error in the CORBA subcomponent can be exploited to disclose and manipulate some data via untrusted Java Web Start applications and untrusted Java applets in a client deployment only.

8) An error in the Libraries subcomponent can be exploited to disclose and manipulate some data via untrusted Java Web Start applications and untrusted Java applets in a client deployment only.

9) An error in the Deployment subcomponent can be exploited via untrusted Java Web Start applications and untrusted Java applets in a client deployment only.

For more information see vulnerability #2:
SA48798

10) An error in the CORBA subcomponent can be exploited to manipulate some data via untrusted Java Web Start applications and untrusted Java applets in a client deployment only.

11) An error in the JAXP subcomponent can be exploited to manipulate some data and cause a DoS via untrusted Java Web Start applications and untrusted Java applets or specially crafted data passed to certain APIs.

12) An error in the Security subcomponent can be exploited to cause a DoS via untrusted Java Web Start applications and untrusted Java applets or specially crafted data passed to certain APIs.

13) An error in the Networking subcomponent can be exploited by local users to manipulate some data and cause a DoS to a server deployment running on Solaris only.

14) An error in the printing functionality due to creating temporary spool files with insecure permissions can be exploited to disclose the contents of printed documents owned by other users.

The vulnerabilities are reported in the following products:
* JDK and JRE version 7 Update 4 and prior.
* JDK and JRE version 6 Update 32 and prior.
* JDK and JRE version 5.0 Update 35 and prior.
* SDK and JRE version 1.4.2_37 and prior.


Solution
Apply updates.

Provided and/or discovered by
1, 2) Chris Ries via ZDI.
14) Andrei Costin via Secunia.

It is currently unclear who reported the rest of the vulnerabilities as the Oracle Java Critical Patch Update for June 2012 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information.

Changelog
Further details available to Secunia VIM customers

Original Advisory
Oracle:
http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html
http://www.oracle.com/technetwork/topics/security/javacpujun2012verbose-1515971.html

Andrei Costin:
http://andreicostin.com/index.php/brain/2012/06/15/acsa_2012_03_java_print_spooling_data_le

ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-12-142/
http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0206.html

Other references
Further details available to Secunia VIM customers

Deep Links
Links available to Secunia VIM customers


Do you have additional information related to this advisory?

Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this information to vuln@secunia.com

Subject: Oracle Java Multiple Vulnerabilities
 
User Message
poipu96756 RE: Oracle Java Multiple Vulnerabilities
Member 19th Jun, 2012 18:32
Score: 1
Posts: 1
User Since: 10th May 2012
System Score: N/A
Location: KH
Last edited on 19th Jun, 2012 18:32		 why are the updates provided by Secunia unsigned? is this dangerous?
Was this reply relevant?
+1
-0

-

You must be logged in to post a comment.



 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Factsheets
Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom
 
© 2002-2013 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability