Java brews critical bug
JRE bug can leave systems vulnerable
By Matthew Broersma, TechWorld, 01/19/07
A bug in the Java Runtime Environment (JRE) can leave corporate systems open to attack if a user visits a site containing malicious code, security researchers have warned.
The bug affects Windows, Linux and Solaris, and Sun has released a patch.
The JRE includes the Java Virtual Machine and supporting executables and files, and contains safeguards that prevent applets from causing trouble on the wider system. The newly disclosed flaw allows applets to upgrade their privileges, effectively giving them free access to the rest of the system, Sun said in an advisory.
"For example, an applet may grant itself permissions to read and write local files or execute local applications with the privileges of the user running the untrusted applet," Sun said.
The specific bug concerns the processing of GIF image components, according to the Zero Day Initiative (ZDI), a bounty-oriented program run by 3Com's TippingPoint, which bought the disclosure rights from an anonymous researcher.
"When the image width in an image block of a valid GIF file is set to 0, the Java runtime will allocate the specified size but subsequently copy all data to the under-allocated memory chunk," ZDI said in its advisory. "The overflow results in the corruption of multiple pointers, at least one of which is later dereferenced and can therefore result in execution of arbitrary code."
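To make the sizing mistake ZDI describes concrete, here is an added illustration (not Sun's decoder and not code from the advisory) of a GIF image-descriptor parser in C: the naive size computation `width * height` yields a zero-byte allocation when width is 0, while the checked copy rejects degenerate dimensions and never copies more than it allocated. The descriptor layout follows the GIF89a specification; the function names and the sample bytes are constructed for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* GIF image descriptor: 0x2C separator, then left, top, width, height
 * as 16-bit little-endian values, then one packed flags byte (10 bytes). */
#define GIF_IMAGE_DESC_LEN 10

typedef struct { uint16_t left, top, width, height; uint8_t packed; } gif_image_desc;

static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Parse a descriptor; returns 0 on success, -1 if truncated or not an image block. */
int gif_parse_image_desc(const uint8_t *buf, size_t len, gif_image_desc *d) {
    if (len < GIF_IMAGE_DESC_LEN || buf[0] != 0x2C) return -1;
    d->left = le16(buf + 1);  d->top = le16(buf + 3);
    d->width = le16(buf + 5); d->height = le16(buf + 7);
    d->packed = buf[9];
    return 0;
}

/* Naive sizing as in the advisory: width * height, so width 0 means a 0-byte buffer
 * even though the LZW stream that follows may decode to many bytes. */
size_t gif_naive_pixel_bytes(const gif_image_desc *d) {
    return (size_t)d->width * d->height;
}

/* Hardened path: reject zero dimensions and bound the copy by the allocation.
 * Returns the number of bytes copied, or -1 if the block is rejected. */
long gif_copy_pixels_checked(const gif_image_desc *d, const uint8_t *decoded,
                             size_t decoded_len, uint8_t **out) {
    if (d->width == 0 || d->height == 0) return -1;   /* the zero-width case ZDI describes */
    size_t need = (size_t)d->width * d->height;
    uint8_t *buf = malloc(need);
    if (buf == NULL) return -1;
    size_t n = decoded_len < need ? decoded_len : need; /* never exceed what was allocated */
    memcpy(buf, decoded, n);
    *out = buf;
    return (long)n;
}

/* Constructed sample: image block at (0,0) with width 0 and height 4. */
static const uint8_t SAMPLE_ZERO_WIDTH[GIF_IMAGE_DESC_LEN] =
    { 0x2C, 0, 0, 0, 0, 0, 0, 4, 0, 0x00 };
/* Constructed sample: a well-formed 4x4 image block. */
static const uint8_t SAMPLE_4X4[GIF_IMAGE_DESC_LEN] =
    { 0x2C, 0, 0, 0, 0, 4, 0, 4, 0, 0x00 };
```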
ZDI originally informed Sun of the problem back in June, the organization said.
Secunia, a third-party security company based in Denmark, said the problem was one of the most serious to have affected Java in some time. Secunia said the bug was "highly critical".
The bug affects Java Development Kit (JDK) and JRE 5.0 Update 9 and prior, Java Software Development Kit (SDK) and JRE 1.4.2_12 and prior, and SDK and JRE 1.3.1_18 and prior.
Author Bio
Matthew Broersma writes for TechWorld.