IBM Java Multiple Remote Code Execution Vulnerabilities

Summary

IBM Java is prone to multiple remote code-execution vulnerabilities in Java Runtime Environment.

Credit:

The information has been provided by Adam Gowdiak.


Details

Vulnerable Systems:
 * IBM Java SDK 6 SR10
 * IBM Java SDK 6

To exploit these issues, an attacker must entice an unsuspecting user into visiting a specially crafted webpage that contains a malicious Applet or into opening a specially crafted file. An attacker can exploit these issues to execute arbitrary code and bypass sandbox security feature of Java in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

Disclosure Timeline:
Published: November 14 2012

Categories: News