Secunia Advisory: SA25981
Release Date: 2007-07-10
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software:
* Java Web Start 1.x
* Sun Java JRE 1.5.x / 5.x
* Sun Java JRE 1.6.x / 6.x
Description:
Daniel Soeder has reported a vulnerability in Sun Java JRE, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused by a boundary error within the Java Web Start component (javaws.exe) when processing JNLP files. This can be exploited to cause a stack-based buffer overflow via a specially crafted JNLP file with an overly long codebase attribute.
Successful exploitation allows execution of arbitrary code, e.g. when a user visits a malicious website.
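A gateway-side sanity check for the condition described above, written as an added example for this advisory (it is not Secunia's or Sun's code). It parses a JNLP document and flags a codebase attribute that exceeds a length limit. The advisory does not state the exact length that triggers the overflow, so the limit MAX_CODEBASE_LEN is an assumption chosen to be far above any legitimate codebase URL; the two sample JNLP documents are constructed inline.

```python
import xml.etree.ElementTree as ET

# Assumed limit: the advisory does not give the overflow length, so this is a
# conservative ceiling that legitimate codebase URLs never approach.
MAX_CODEBASE_LEN = 1024

# Constructed sample: a minimal, well-formed JNLP file with a short codebase.
BENIGN_JNLP = (
    b'<?xml version="1.0" encoding="utf-8"?>'
    b'<jnlp spec="1.0+" codebase="http://example.invalid/app" href="app.jnlp">'
    b'<information><title>Demo</title><vendor>Demo</vendor></information>'
    b'<resources><j2se version="1.5+"/><jar href="app.jar"/></resources>'
    b'<application-desc main-class="demo.Main"/>'
    b'</jnlp>'
)

# Constructed sample: same structure, but the codebase attribute is padded
# to several kilobytes, which is the shape of input the advisory warns about.
OVERSIZED_JNLP = (
    b'<jnlp spec="1.0+" codebase="http://example.invalid/' + b'A' * 4096 + b'">'
    b'</jnlp>'
)


def check_jnlp(data: bytes, max_len: int = MAX_CODEBASE_LEN) -> dict:
    """Inspect a JNLP document before it is handed to Java Web Start.

    Returns a dict with:
      ok           - True if the file passed every check
      reason       - human-readable reason for rejection (empty when ok)
      codebase_len - length of the codebase attribute, or None if unparsable
    """
    try:
        root = ET.fromstring(data)
    except ET.ParseError as exc:
        # Not valid XML: nothing further to inspect, reject it.
        return {"ok": False, "reason": f"malformed XML: {exc}", "codebase_len": None}

    if root.tag != "jnlp":
        return {"ok": False,
                "reason": f"unexpected root element {root.tag!r}",
                "codebase_len": None}

    codebase = root.get("codebase", "")
    if len(codebase) > max_len:
        return {"ok": False,
                "reason": f"codebase attribute is {len(codebase)} chars, limit {max_len}",
                "codebase_len": len(codebase)}

    return {"ok": True, "reason": "", "codebase_len": len(codebase)}


if __name__ == "__main__":
    for label, doc in (("benign", BENIGN_JNLP), ("oversized", OVERSIZED_JNLP)):
        result = check_jnlp(doc)
        print(f"{label:10s} ok={result['ok']} {result['reason']}")
```

This is a compensating control for hosts that cannot be patched immediately; it does not replace the vendor update, and it checks only the one attribute the advisory names.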
The vulnerability is reported in the following versions:
* Java Runtime Environment 6 Update 1 and earlier
* Java Runtime Environment 5 Update 11 and earlier
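An inventory check that turns the affected-version list above, together with the fix levels under Solution (JRE 5 Update 12, JRE 6 Update 2), into a function. This is an added example, not part of the advisory; the version-string format it parses ("1.6.0_01", "1.5.0_11-b03") is the one Sun JREs of that era report, and any family other than 5 or 6 is reported as unknown because the advisory says nothing about it.

```python
import re

# First patched update level per JRE family, taken from the advisory's Solution section.
FIXED_UPDATE = {5: 12, 6: 2}

# Sun-style version strings: 1.<family>.<minor>[_<update>][-<build>]
_VERSION_RE = re.compile(r"^1\.(\d+)\.\d+(?:_(\d+))?")


def parse_jre_version(version: str):
    """Return (family, update) for a Sun JRE version string, or None if unparsable.

    A missing update suffix (e.g. "1.6.0") is the GA release, i.e. update 0.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        return None
    family = int(m.group(1))
    update = int(m.group(2)) if m.group(2) is not None else 0
    return family, update


def is_affected(version: str):
    """True if the JRE is in the advisory's affected range, False if patched,
    None if the version is unparsable or belongs to a family the advisory does not cover."""
    parsed = parse_jre_version(version)
    if parsed is None:
        return None
    family, update = parsed
    if family not in FIXED_UPDATE:
        return None
    return update < FIXED_UPDATE[family]


if __name__ == "__main__":
    # Constructed sample inventory: host name -> reported JRE version.
    inventory = {
        "ws-01": "1.6.0_01",
        "ws-02": "1.6.0_02-b06",
        "ws-03": "1.5.0_11",
        "ws-04": "1.5.0_12",
        "ws-05": "1.4.2_13",
    }
    for host, ver in sorted(inventory.items()):
        status = {True: "AFFECTED", False: "patched", None: "unknown"}[is_affected(ver)]
        print(f"{host}: {ver:14s} {status}")
```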
Secunia has constructed the Secunia Software Inspector, which you can use to check if your system is vulnerable:
http://secunia.com/software_inspector/
Solution:
Apply updates.
JRE 5 Update 12:
http://java.sun.com/javase/downloads/index_jdk5.jsp
JRE 6 Update 2:
http://java.sun.com/javase/downloads/index.jsp