Multiple buffer and integer overflow vulnerabilities in the Java Runtime Environment with processing audio and image files may allow an untrusted applet or Java Web Start application to escalate privileges. For example, an untrusted applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet.

Sun acknowledges with thanks, the following researchers for bringing these issues to our attention:

CR 6854303: An anonymous researcher, working with the Zero Day Initiative (http://www.zerodayinitiative.com) and TippingPoint (http://www.tippingpoint.com).

CR 6862970: An anonymous researcher working with the iDefense VCP (http://labs.idefense.com/vcp/).

CR 6872357 and CR 6872358: Peter Vreugdenhil, working with the Zero Day Initiative (http://www.zerodayinitiative.com) and TippingPoint (http://www.tippingpoint.com).

CR 6872358, CR 6862969 and CR 6862968: regenrecht working with iDefense VCP (http://labs.idefense.com/vcp/).

CR 6874643: regenrecht working with Zero Day Initiative (http://www.zerodayinitiative.com) and TippingPoint (http://www.tippingpoint.com).

Permalink |