The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of JRE: privilege escalation of an applet

Synthesis of the vulnerability 

A remote attacker can create a malicious Java applet in order to run code on the target's machine.
Impacted systems: HP-UX, WebSphere AS Traditional, Java Oracle, Solaris, Trusted Solaris, ESX.
Severity of this alert: 3/4.
Creation date: 24/10/2007.
References of this alert: 103112, 6571539, c01234533, CVE-2007-5689, HPSBUX02284, PK64999, PK65161, SSRT071483, VIGILANCE-VUL-7277, VMSA-2008-00010.3.

Description of the vulnerability 

Java applets loaded by users run inside the virtual machine built into the JRE, where the applet sandbox is meant to confine them.

A vulnerability in the implementation of the JRE virtual machine lets a malicious applet elevate its privileges beyond that sandbox and run code on the user's machine with the user's rights.

A remote attacker who gets a user to load a malicious applet can thus run code with that user's rights.

This vulnerability note concerns software and systems such as HP-UX, WebSphere AS Traditional, Java Oracle, Solaris, Trusted Solaris, ESX.

Our Vigil@nce team rated the severity of this vulnerability as important (3/4).

Trust level: confirmed by the vendor (origin: vendor document).

Exploiting this vulnerability requires an attacker with expert skills.

Solutions for this threat 

Java JDK/JRE 6: version 6 Update 3.
Version 6 Update 3 is fixed:
  http://java.sun.com/javase/downloads/index.jsp
For Solaris:
  * Java SE 6: patch 125136-04
  * Java SE 6 64bit: patch 125137-04
  * Java SE 6_x86: patch 125138-04
  * Java SE 6_x86 64 bit: patch 125139-04
Previous versions have to be uninstalled.

Java JDK/JRE 5: version 5 Update 13.
Version 5 Update 13 is fixed:
  http://java.sun.com/javase/downloads/index_jdk5.jsp
For Solaris:
  Sparc:
    32 bits: patch 118666-14
    64 bits: patch 118667-14
  x86:
    32 bits: patch 118668-14
    64 bits: patch 118669-14
Previous versions have to be uninstalled.

Java SDK/JRE 1.4.2: version 1.4.2_16.
Version 1.4.2_16 is fixed:
  http://java.sun.com/j2se/1.4.2/download.html
Previous versions have to be uninstalled.

Java SDK/JRE 1.3.1: version 1.3.1_21.
Version 1.3.1_21 is fixed:
  http://java.sun.com/j2se/1.3/download.html
Previous versions have to be uninstalled.

WebSphere AS: APAR for Java Plug-in.
An APAR is available:
  http://www-1.ibm.com/support/docview.wss?uid=swg1PK65161

HP-UX: Java version.
Version 1.4.2.17.00 is fixed:
  http://www.hp.com/go/java

HP-UX: Java JRE and JDK versions.
The following versions are fixed:
  1.4.2.17.00
  1.5.0.11

VMware ESX: patch for Tomcat and Java JRE.
A patch is available for each release:
  VMware ESX 3.5: patch ESX350-200806404-SG
    http://download3.vmware.com/software/esx/ESX350-200806404-SG.zip
    md5sum: 669e97880a21cce13eb7e9051f403162
    http://kb.vmware.com/kb/1005219
  ESX 3.0.3: patch ESX303-200808407-SG
    http://download3.vmware.com/software/vi/ESX303-200808407-SG.zip
    md5sum: 083cee0475a8f73e511199800e8c3af4
    http://kb.vmware.com/kb/1006358
  ESX 3.0.2: patch ESX-1006360
    http://download3.vmware.com/software/vi/ESX-1006360.tgz
    md5sum: 5d2d629b6c4b1894571742569ae2e2da
    http://kb.vmware.com/kb/1006360
  ESX 3.0.1: patch ESX-1006359
    http://download3.vmware.com/software/vi/ESX-1006359.tgz
    md5sum: 2224d6e27b86f3155ce9d5895f1f191a
    http://kb.vmware.com/kb/1006359
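As a worked check against the fixes listed above, here is an added example (it is not Vigil@nce's, Sun's or VMware's code). It compares a `java -version` string with the fixed update of each family in this bulletin, checks the revision of the Solaris patches reported by `showrev -p`, and verifies a downloaded VMware patch against the published md5sum. The version thresholds and patch IDs come from the bulletin; the function names are my own, and the sample command outputs in the comments and usage are constructed for illustration.

```python
# Added example, not part of the bulletin: check a host against the fixed
# releases listed above. Thresholds come from the bulletin; sample outputs
# used to exercise the functions are constructed, not captured from a host.
import hashlib
import re
import subprocess

# Fixed release per Java family, keyed by the 3-part version `java -version` prints.
FIXED_UPDATE = {
    "1.6.0": 3,    # Java SE 6 Update 3
    "1.5.0": 13,   # Java SE 5 Update 13
    "1.4.2": 16,   # J2SE 1.4.2_16
    "1.3.1": 21,   # J2SE 1.3.1_21
}

# Minimum revision of the Solaris patches listed in the bulletin (patch id -> rev).
SOLARIS_PATCH_MIN_REV = {
    "125136": 4, "125137": 4, "125138": 4, "125139": 4,      # Java SE 6
    "118666": 14, "118667": 14, "118668": 14, "118669": 14,  # Java SE 5
}

# Matches the Sun-era first line, e.g.: java version "1.6.0_02"
VERSION_RE = re.compile(r'java version "(\d+\.\d+\.\d+)(?:_(\d+))?"')
# Matches `showrev -p` lines, e.g.: Patch: 125136-03 Obsoletes: ... Packages: SUNWj6rt
PATCH_RE = re.compile(r"^Patch:\s+(\d{6})-(\d{2})", re.MULTILINE)


def parse_java_version(output):
    """Return (family, update) from `java -version` output, e.g. ("1.6.0", 2).
    A version with no "_NN" suffix is treated as update 0."""
    m = VERSION_RE.search(output)
    if m is None:
        raise ValueError("no 'java version' line found")
    return m.group(1), int(m.group(2) or 0)


def is_fixed(output):
    """True if the reported JRE is at or after the fixed update, False if it is
    older, None if the family is not covered by this bulletin."""
    family, update = parse_java_version(output)
    if family not in FIXED_UPDATE:
        return None
    return update >= FIXED_UPDATE[family]


def solaris_patches_status(showrev_output):
    """For each bulletin patch present in `showrev -p` output, report whether
    the highest installed revision meets the minimum (only the patches for the
    installed architecture will appear)."""
    installed = {}
    for pid, rev in PATCH_RE.findall(showrev_output):
        installed[pid] = max(installed.get(pid, 0), int(rev))
    return {pid: rev >= SOLARIS_PATCH_MIN_REV[pid]
            for pid, rev in installed.items() if pid in SOLARIS_PATCH_MIN_REV}


def md5_matches(data, expected_hex):
    """Integrity check only: a matching MD5 rules out a corrupted download but
    does not authenticate the patch, since the sum is published on the same
    channel as the file."""
    return hashlib.md5(data).hexdigest() == expected_hex.lower()


def check_local_java():
    """Run `java -version` on this host; the JRE prints the banner on stderr."""
    out = subprocess.run(["java", "-version"], capture_output=True, text=True)
    return is_fixed(out.stderr + out.stdout)


if __name__ == "__main__":
    try:
        status = check_local_java()
        print({True: "fixed", False: "vulnerable", None: "not covered"}[status])
    except (FileNotFoundError, ValueError) as exc:
        print("could not determine Java version:", exc)
```

`java -version` only reports the JRE first on the PATH; a browser plug-in may be bound to another installation, which is why the bulletin insists that previous versions be uninstalled rather than left beside the fixed one. The parser targets the "1.x.y_NN" banner of the releases in this bulletin and raises on later formats.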

Computer vulnerabilities tracking service 

Vigil@nce provides a computer security bulletin. Each administrator can customize the list of products for which he wants to receive vulnerability alerts.