Executive Summary
Summary | |
---|---|
Title | Sun Updates for Multiple Vulnerabilities in Java |
Informations | |||
---|---|---|---|
Name | TA08-066A | First vendor Publication | 2008-03-06 |
Vendor | US-CERT | Last vendor Modification | 2008-03-06 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Sun has released alerts to address multiple vulnerabilities affecting the Sun Java Runtime Environment. The most severe of these vulnerabilities could allow a remote attacker to execute arbitrary code. I. Description The Sun Java Runtime Environment (JRE) allows users to run Java applications in a browser or as standalone programs. Sun has released updates to the Java Runtime Environment software to address multiple vulnerabilities. Further details about these vulnerabilities are available in the US-CERT Vulnerability Notes Database. Sun released the following alerts to address these issues: * 233322 Security Vulnerability in the Java Runtime Environment With the Processing of XSLT Transformations * 233323 Multiple Security Vulnerabilities in Java Web Start May Allow an Untrusted Application to Elevate Privileges * 233324 A Security Vulnerability in the Java Plug-in May Allow an Untrusted Applet to Elevate Privileges * 233325 Vulnerabilties in the Java Runtime Environment image Parsing Library * 233326 Security Vulnerability in the Java Runtime Environment May Allow Untrusted JavaScript Code to Elevate Privileges Through Java APIs * 233327 Buffer Overflow Vulnerability in Java Web Start May Allow an Untrusted Application to Elevate its Privileges II. Impact The impacts of these vulnerabilities vary. The most severe of these vulnerabilities allows a remote attacker to execute arbitrary code. III. Solution Apply an update from Sun These issues are addressed in the following versions of the Sun Java Runtime environment: If you install the latest version of Java, older versions of Java may remain installed on your computer. If these versions of Java are not needed, you may wish to remove them. For instructions on how to remove older versions of Java, refer to the following instructions from Sun. Disable Java Disable Java in your web browser, as specified in the Securing Your Web Browser document. While this does not fix the underlying vulnerabilities, it does block a common attack vector. |
Original Source
Url : http://www.us-cert.gov/cas/techalerts/TA08-066A.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-264 | Permissions, Privileges, and Access Controls |
30 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
20 % | CWE-254 | Security Features |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:21767 | |||
Oval ID: | oval:org.mitre.oval:def:21767 | ||
Title: | ELSA-2008:0555: java-1.4.2-ibm security update (Critical) | ||
Description: | Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0555-01 CVE-2008-1187 CVE-2008-1196 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.4.2-ibm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22027 | |||
Oval ID: | oval:org.mitre.oval:def:22027 | ||
Title: | ELSA-2008:0243: java-1.4.2-bea security update (Moderate) | ||
Description: | Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0243-01 CVE-2008-1187 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.4.2-bea |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22181 | |||
Oval ID: | oval:org.mitre.oval:def:22181 | ||
Title: | ELSA-2008:0245: java-1.6.0-bea security update (Moderate) | ||
Description: | Multiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to cause a denial of service (crash) via unknown vectors. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0245-01 CVE-2008-0628 CVE-2008-1187 CVE-2008-1193 CVE-2008-1194 | Version: | 21 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-bea |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22712 | |||
Oval ID: | oval:org.mitre.oval:def:22712 | ||
Title: | ELSA-2008:0244: java-1.5.0-bea security update (Moderate) | ||
Description: | Multiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to cause a denial of service (crash) via unknown vectors. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0244-01 CVE-2008-1187 CVE-2008-1193 CVE-2008-1194 | Version: | 17 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.5.0-bea |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9585 | |||
Oval ID: | oval:org.mitre.oval:def:9585 | ||
Title: | Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue." | ||
Description: | Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1186 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux Extras 4 Red Hat Enterprise Linux Extras 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9672 | |||
Oval ID: | oval:org.mitre.oval:def:9672 | ||
Title: | Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186, aka "the first issue." | ||
Description: | Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186, aka "the first issue." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1185 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux Extras 4 Red Hat Enterprise Linux Extras 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2010-05-28 | Name : Java for Mac OS X 10.5 Update 2 File : nvt/macosx_java_for_10_5_upd_2.nasl |
2009-10-13 | Name : SLES10: Security update for epiphany File : nvt/sles10_mozilla-xulrunn.nasl |
2009-10-13 | Name : SLES10: Security update for IBM Java 1.4.2 File : nvt/sles10_java-1_4_2-ibm1.nasl |
2009-10-13 | Name : SLES10: Security update for IBM Java 1.4.2 File : nvt/sles10_java-1_4_2-ibm3.nasl |
2009-10-13 | Name : SLES10: Security update for Sun Java File : nvt/sles10_java-1_4_2-sun1.nasl |
2009-10-13 | Name : SLES10: Security update for IBM Java 1.5.0 File : nvt/sles10_java-1_5_0-ibm4.nasl |
2009-10-10 | Name : SLES9: Security update for IBM Java2 JRE and SDK File : nvt/sles9p5033560.nasl |
2009-10-10 | Name : SLES9: Security update for IBM Java 2 JRE and SDK File : nvt/sles9p5023603.nasl |
2009-10-10 | Name : SLES9: Security update for IBM Java 5 and JRE File : nvt/sles9p5023460.nasl |
2009-10-10 | Name : SLES9: Security update for Java2 File : nvt/sles9p5023078.nasl |
2009-10-10 | Name : SLES9: Security update for Mozilla File : nvt/sles9p5022953.nasl |
2009-04-09 | Name : Mandriva Update for mozilla-firefox MDVSA-2008:080 (mozilla-firefox) File : nvt/gb_mandriva_MDVSA_2008_080.nasl |
2009-03-23 | Name : Ubuntu Update for firefox vulnerabilities USN-592-1 File : nvt/gb_ubuntu_USN_592_1.nasl |
2009-01-23 | Name : SuSE Update for Sun Java SUSE-SA:2008:018 File : nvt/gb_suse_2008_018.nasl |
2009-01-23 | Name : SuSE Update for IBMJava2,IBMJava5,java-1_4_2-ibm,java-1_5_0-ibm SUSE-SA:2008... File : nvt/gb_suse_2008_025.nasl |
2009-01-23 | Name : SuSE Update for MozillaFirefox SUSE-SA:2008:019 File : nvt/gb_suse_2008_019.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200806-11 (ibm-jdk-bin ibm-jre-bin) File : nvt/glsa_200806_11.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200804-28 (jrockit-jdk-bin) File : nvt/glsa_200804_28.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200804-20 (sun-jdk, sun-jre-bin, emul-linux-x86... File : nvt/glsa_200804_20.nasl |
2008-06-17 | Name : Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Lin) File : nvt/mozilla_CB-A08-0017.nasl |
2008-06-17 | Name : Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Win) File : nvt/smbcl_mozilla.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
42602 | Sun Java Web Start Application JNLP File Handling Overflow (6660121) |
42601 | Sun Java JRE JavaScript Arbitrary Java API Access Java JRE/JDK contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a Java applet is able to access arbitrary network services via unspecified vectors in the Java API. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity. |
42600 | Sun Java JRE Color Management Library Applet Handling sun.awt.color.CMM.cmmCo... |
42599 | Sun Java JRE Color Management Library SpCurveToPublic Overflow DoS |
42598 | Sun Java JRE Image Parsing Library Applet Privilege Escalation (6633278) |
42597 | Sun Java Plug-in Applet Handling Policy Bypass Privilege Escalation (6608712) |
42596 | Sun Java Web Start Untrusted Application Unspecified Privilege Escalation (66... |
42595 | Sun Java Web Start Untrusted Application Unspecified Privilege Escalation (66... |
42594 | Sun Java Web Start useEncodingDecl() Function XML Header Parsing Overflow |
42593 | Sun Java Web Start Unspecified Application Handling Overflow (6605187) |
42592 | Sun Java Web Start Unspecified Application Handling Overflow (6605184) |
42591 | Sun Java JRE XSLT Transformation Processing Privilege Escalation |
42590 | Sun Java Runtime Environment Virtual Machine Untrusted Applet Privilege Escal... |
42589 | Sun Java Runtime Environment Virtual Machine Untrusted Applet Privilege Escal... |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Oracle Java Web Start xml encoding buffer overflow attempt RuleID : 15081 - Revision : 14 - Type : FILE-JAVA |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0207.nasl - Type : ACT_GATHER_INFO |
2013-02-22 | Name : The remote Unix host has an application that is affected by multiple vulnerab... File : sun_java_jre_233321_unix.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0267.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0245.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080714_java__jdk_1_5_0__on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12210.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12142.nasl - Type : ACT_GATHER_INFO |
2009-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0555.nasl - Type : ACT_GATHER_INFO |
2009-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0132.nasl - Type : ACT_GATHER_INFO |
2009-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0186.nasl - Type : ACT_GATHER_INFO |
2009-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0210.nasl - Type : ACT_GATHER_INFO |
2009-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0243.nasl - Type : ACT_GATHER_INFO |
2009-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0244.nasl - Type : ACT_GATHER_INFO |
2009-07-27 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2008-0010.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-080.nasl - Type : ACT_GATHER_INFO |
2008-09-25 | Name : The remote host is affected by multiple vulnerabilities. File : macosx_java_rel7.nasl - Type : ACT_GATHER_INFO |
2008-09-25 | Name : The remote host is affected by multiple vulnerabilities. File : macosx_java_10_5_update2.nasl - Type : ACT_GATHER_INFO |
2008-08-22 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_4_2-ibm-5465.nasl - Type : ACT_GATHER_INFO |
2008-04-25 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_5_0-ibm-5183.nasl - Type : ACT_GATHER_INFO |
2008-04-25 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_4_2-ibm-5182.nasl - Type : ACT_GATHER_INFO |
2008-04-22 | Name : The remote openSUSE host is missing a security update. File : suse_mozilla-xulrunner181-5158.nasl - Type : ACT_GATHER_INFO |
2008-04-22 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-5167.nasl - Type : ACT_GATHER_INFO |
2008-04-22 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200804-20.nasl - Type : ACT_GATHER_INFO |
2008-04-22 | Name : The remote openSUSE host is missing a security update. File : suse_mozilla-xulrunner-5163.nasl - Type : ACT_GATHER_INFO |
2008-04-18 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_mozilla-xulrunner-5164.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-5153.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote openSUSE host is missing a security update. File : suse_java-1_4_2-sun-5130.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_4_2-sun-5131.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote openSUSE host is missing a security update. File : suse_java-1_5_0-sun-5133.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote openSUSE host is missing a security update. File : suse_java-1_6_0-sun-5132.nasl - Type : ACT_GATHER_INFO |
2008-04-01 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-5134.nasl - Type : ACT_GATHER_INFO |
2008-03-31 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-5135.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-592-1.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0207.nasl - Type : ACT_GATHER_INFO |
2008-03-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0207.nasl - Type : ACT_GATHER_INFO |
2008-03-26 | Name : A web browser on the remote host is affected by multiple vulnerabilities. File : seamonkey_119.nasl - Type : ACT_GATHER_INFO |
2008-03-26 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_20013.nasl - Type : ACT_GATHER_INFO |
2008-03-06 | Name : The remote Windows host has an application that is affected by multiple vulne... File : sun_java_jre_233321.nasl - Type : ACT_GATHER_INFO |