‘Sun Java Web Start BasicServiceImpl Code Execution Vulnerability’

Summary

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Sun Java Runtime.’

Credit:

‘The information has been provided by Matthias Kaiser .
The original article can be found at: http://www.zerodayinitiative.com/advisories/ZDI-10-202/


Details

Vulnerable Systems:
 * Sun Microsystems Java Runtime

User interaction is required in that a target must visit a malicious page.

The specific flaw exists within the com.sun.jnlp.BasicServiceImpl class. By abusing how Web Start retrieves security policies, an attacker can forge their own and force the removal of sandbox restrictions. Successful exploitation leads to code execution under the context of the user running the browser.

Patch Availability:
Sun Microsystems has issued an update to correct this vulnerability at:
http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html

CVE Information:
CVE-2010-3563

Disclosure Timeline:
2010-04-05 – Vulnerability reported to vendor
2010-10-12 – Coordinated public release of advisory’

Categories: News