|
|
>> Sun Java Multiple Code Execution and Security Bypass Vulnerabilities
|
Multiple vulnerabilities have been identified in Sun Java, which could be exploited by remote attackers to bypass security restrictions or take complete control of an affected system.
The first issue is caused by unspecified errors in the Java Runtime Environment Virtual Machine, which may allow an untrusted application or applet to elevate its privileges and gain permissions to read and write local files or execute local applications.
The second vulnerability is caused by an error when processing XSLT transformations, which may allow an untrusted applet or application to elevate its privileges and read certain unauthorized URL resources (such as some files and web pages) or potentially execute arbitrary code.
The third issue is caused by buffer overflow and security bypass errors in Java Web Start when handling certain applications, which could be exploited by malicious web sites to read and write local files or execute local applications.
The fourth vulnerability is caused by a same origin policy bypass error in the Java Plug-in, which could be exploited by malicious applets to execute local applications.
The fifth issue is caused by errors in the image parsing and color management libraries when processing malformed data, which could be exploited by unttrusted applets to cause a denial of service, read and write local files, or execute local applications.
The sixth vulnerability is caused by an error when handling JavaScript code, which could be exploited by malicious web sites to gain unauthorized access to arbitrary files.
The seventh issue is caused by a buffer overflow error in Java Web Start, which could allow an untrusted application to grant itself permissions to read and write local files or execute local applications.
Affected Products
Sun JDK versions prior to 6 Update 5
Sun JDK versions prior to 5.0 Update 15
Sun JRE versions prior to 6 Update 5
Sun JRE versions prior to 5.0 Update 15
Sun JRE versions prior to 1.4.2_17
Sun JRE versions prior to 1.3.1_22
Sun SDK versions prior to 1.4.2_17
Sun SDK versions prior to 1.3.1_22
Solution
Upgrade to JDK/JRE 6 Update 5, JDK/JRE 5.0 Update 15, SDK/JRE 1.4.2_17, or SDK/JRE 1.3.1_22 :
http://java.sun.com/
References
http://www.vupen.com/english/advisories/2008/0770
http://sunsolve.sun.com/search/document.do?assetkey=1-66-233321-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-233322-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-233323-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-233324-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-233325-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-233326-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-233327-1
Credits
Vulnerabilities reported by Hisashi Kojima, Fujitsu, JPCERT/CC, ZDI, John Heasman (NGSSoftware), Chris Evans (Google Security Team), Gregory Fleischer, Mozilla and CERT/CC.
ChangeLog
2008-03-05 : Initial release
2008-03-06 : Updated Description
Vulnerability Management
Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
