The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Vulnerability of Java JRE/JDK/SDK: several vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities of Java JRE/JDK/SDK can be used by a malicious applet/application in order to execute code or to obtain information. A legitimate applet/application, handling malicious data, can also be forced to execute code.
Severity of this threat: 4/4.
Number of vulnerabilities in this bulletin: 29.
Creation date: 13/10/2010.
Références of this weakness: BID-43965, BID-43971, BID-43979, BID-43985, BID-43988, BID-43992, BID-43994, BID-43999, BID-44009, BID-44011, BID-44012, BID-44013, BID-44014, BID-44016, BID-44017, BID-44020, BID-44021, BID-44023, BID-44024, BID-44026, BID-44027, BID-44028, BID-44030, BID-44032, BID-44035, BID-44038, BID-44040, c02616748, c03405642, CERTA-2009-AVI-528, CERTA-2010-AVI-149, CERTA-2010-AVI-196, CERTA-2010-AVI-219, CERTA-2010-AVI-239, CERTA-2010-AVI-241, CERTA-2010-AVI-365, CERTA-2010-AVI-500, CERTA-2010-AVI-513, CERTA-2010-AVI-573, CERTA-2011-AVI-253, CERTA-2011-AVI-400, CERTA-2012-AVI-241, CERTA-2012-AVI-395, CVE-2009-3555, CVE-2010-1321, CVE-2010-3541, CVE-2010-3548, CVE-2010-3549, CVE-2010-3550, CVE-2010-3551, CVE-2010-3552, CVE-2010-3553, CVE-2010-3554, CVE-2010-3555, CVE-2010-3556, CVE-2010-3557, CVE-2010-3558, CVE-2010-3559, CVE-2010-3560, CVE-2010-3561, CVE-2010-3562, CVE-2010-3563, CVE-2010-3565, CVE-2010-3566, CVE-2010-3567, CVE-2010-3568, CVE-2010-3569, CVE-2010-3570, CVE-2010-3571, CVE-2010-3572, CVE-2010-3573, CVE-2010-3574, FEDORA-2010-16240, FEDORA-2010-16294, FEDORA-2010-16312, HPSBMU02799, HPSBUX02608, openSUSE-SU-2010:0754-1, openSUSE-SU-2010:0957-1, RHSA-2010:0768-01, RHSA-2010:0770-01, RHSA-2010:0786-01, RHSA-2010:0807-01, RHSA-2010:0865-02, RHSA-2010:0873-02, RHSA-2010:0935-01, RHSA-2010:0986-01, RHSA-2010:0987-01, RHSA-2011:0152-01, RHSA-2011:0169-01, RHSA-2011:0880-01, SSRT100333, SSRT100867, SUSE-SA:2010:061, SUSE-SA:2011:006, SUSE-SA:2011:014, SUSE-SR:2010:019, VIGILANCE-VUL-10040, VMSA-2011-0003, VMSA-2011-0003.1, VMSA-2011-0003.2, VMSA-2011-0004.2, VMSA-2011-0005.3, VMSA-2011-0012.1, VMSA-2011-0013, VMSA-2012-0005, ZDI-10-202, ZDI-10-203, ZDI-10-204, ZDI-10-205, ZDI-10-206, ZDI-10-207, ZDI-10-208.

Description of the vulnerability

Several vulnerabilities were announced in Java JRE/JDK/SDK. The most severe vulnerabilities lead to code execution.

An attacker can use a vulnerability of 2D, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-43979, CVE-2010-3562]

An attacker can use a vulnerability of 2D (JPEGImageWriter.writeImage), in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-43985, CVE-2010-3565, ZDI-10-205]

An attacker can use a vulnerability of 2D (ICC Profile Device Information Tag), in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-43988, CVE-2010-3566, ZDI-10-204]

An attacker can use a vulnerability of 2D, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-43992, CVE-2010-3567]

An attacker can use a vulnerability of 2D (ICC Profile Unicode Description), in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-43965, CVE-2010-3571, ZDI-10-203]

An attacker can use a vulnerability of CORBA, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-43994, CVE-2010-3554]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-43999, CVE-2010-3563]

An attacker can use a vulnerability of Java Runtime Environment, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-44012, CVE-2010-3568]

An attacker can use a vulnerability of Java Runtime Environment, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-44016, CVE-2010-3569]

An attacker can use a vulnerability of Java Web Start, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-44021, CVE-2010-3558]

An attacker can use a vulnerability of New Java Plug-in docbase, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-44023, CVE-2010-3552, ZDI-10-206]

An attacker can use a vulnerability of Sound (HeadspaceSoundbank.nGetName), in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-44026, CVE-2010-3559, ZDI-10-208]

An attacker can use a vulnerability of Sound, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-44030, CVE-2010-3572]

An attacker can use a vulnerability of Swing, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-44035, CVE-2010-3553]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-44038, CVE-2010-3555]

An attacker can use a vulnerability of Java Web Start, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-44040, CVE-2010-3550]

An attacker can use a vulnerability of Deployment Toolkit, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-44020, CVE-2010-3570]

An attacker can use a vulnerability of CORBA, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-44013, CVE-2010-3561]

An attacker can use a vulnerability of JSSE, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; CERTA-2009-AVI-528, CERTA-2010-AVI-149, CERTA-2010-AVI-196, CERTA-2010-AVI-239, CERTA-2010-AVI-241, CERTA-2010-AVI-365, CERTA-2010-AVI-513, CERTA-2010-AVI-573, CERTA-2011-AVI-253, CERTA-2012-AVI-241, CVE-2009-3555]

An attacker can use a vulnerability of Kerberos, in order to create a denial of service. [severity:2/4; CERTA-2010-AVI-219, CERTA-2011-AVI-400, CVE-2010-1321]

An attacker can use a vulnerability of Networking, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-44027, CVE-2010-3549]

An attacker can use a vulnerability of Swing, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-44014, CVE-2010-3557]

An attacker can use a vulnerability of Networking, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-44032, CVE-2010-3541]

An attacker can use a vulnerability of Networking, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-44028, CVE-2010-3573]

An attacker can use a vulnerability of Networking, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-44011, CVE-2010-3574]

An attacker can use a vulnerability of JNDI, in order to obtain information. [severity:2/4; BID-44017, CVE-2010-3548]

An attacker can use a vulnerability of Networking, in order to obtain information. [severity:2/4; BID-44009, CVE-2010-3551]

An attacker can use a vulnerability of Networking, in order to obtain information. [severity:1/4; BID-44024, CVE-2010-3560]

An attacker can use a vulnerability of 2D, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-43971, CERTA-2010-AVI-500, CVE-2010-3556]
Full Vigil@nce bulletin... (Request your free trial)

This computer vulnerability impacts software or systems such as Fedora, HPE NNMi, HP-UX, NLD, OES, Java OpenJDK, openSUSE, Java Oracle, RHEL, SLES, ESX, ESXi, vCenter Server, VirtualCenter, VMware vSphere, VMware vSphere Hypervisor.

Our Vigil@nce team determined that the severity of this weakness bulletin is critical.

The trust level is of type confirmed by the editor, with an origin of document.

This bulletin is about 29 vulnerabilities.

A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with a beginner ability can exploit this weakness.

Solutions for this threat

Java JRE/JDK/SDK: version 6 Update 22.
The version 6 Update 22 is corrected:
  http://java.sun.com/javase/downloads/index.jsp

Java: version 5.0 Update 26 Business.
The version 5.0 Update 26 Business is corrected:
  http://globalspecials.sun.com/store/globalss/pd/productID.140434000

Java: version 1.4.2_28 Business.
The version 1.4.2_28 Business is corrected:
  http://globalspecials.sun.com/store/globalss/pd/productID.140434000

Fedora: new java-1.6.0-openjdk packages.
New packages are available:
  java-1.6.0-openjdk-1.6.0.0-41.1.8.2.fc12
  java-1.6.0-openjdk-1.6.0.0-43.1.8.2.fc13
  java-1.6.0-openjdk-1.6.0.0-44.1.9.1.fc14

HP NNMi 9.0: hotfix for JDK.
A hotfix is available:
  HP-UX : Patch 5 : Hotfix-NNMi-9.0xP5-HP-UX-JDK-20120710.zip
  Linux : Patch 5 : Hotfix-NNMi-9.0xP5-Linux-JDK-20120523.zip
  Solaris : Patch 5 : Hotfix-NNMi-9.0xP5-Solaris-JDK-20120523.zip
  Windows : Patch 5 : Hotfix-NNMi-9.0xP5-Windows-JDK-20120523.zip

HP-UX: versions 1.4.2.26, 5.0.21 and 6.0.09.
Versions 1.4.2.26, 5.0.21 and 6.0.09 are corrected:
  http://www.hp.com/go/java

openSUSE: new java-1_6_0-openjdk packages.
New packages are available:
  openSUSE 11.1 : java-1_6_0-openjdk-1.6.0.0_b20.1.9.1-0.1.3
  openSUSE 11.2 : java-1_6_0-openjdk-1.6.0.0_b20.1.9.1-0.2.2
  openSUSE 11.3 : java-1_6_0-openjdk-1.6.0.0_b20.1.9.1-0.2.2

openSUSE: new java-1_6_0-sun packages.
New packages are available:
  java-1_6_0-sun-1.6.0.u22-1.2.1

Red Hat Network Satellite: new java-1.6.0-ibm packages.
New packages are available:
  java-1.6.0-ibm-1.6.0.9.1-1jpp.1.el5

RHEL 3E, 4E, 5S: new java-1.4.2-ibm packages.
New packages are available:
Red Hat Enterprise Linux version 3 Extras:
  java-1.4.2-ibm-1.4.2.13.6-1jpp.3.el3
Red Hat Enterprise Linux version 4 Extras:
  java-1.4.2-ibm-1.4.2.13.6-1jpp.2.el4
Red Hat Enterprise Linux version 5 Supplementary:
  java-1.4.2-ibm-1.4.2.13.6-1jpp.2.el5

RHEL 4E, 5S, 6S: new java-1.5.0-ibm packages.
New packages are available:
Red Hat Enterprise Linux version 4 Extras:
  java-1.5.0-ibm-1.5.0.12.3-1jpp.1.el4
Red Hat Enterprise Linux version 5 Supplementary:
  java-1.5.0-ibm-1.5.0.12.3-1jpp.1.el5
Red Hat Enterprise Linux version 6 Supplementary:
  java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el6

RHEL 4E, 5S, 6S: new java-1.6.0-ibm packages.
New packages are available:
Red Hat Enterprise Linux version 4 Extras:
  java-1.6.0-ibm-1.6.0.9.0-1jpp.3.el4
Red Hat Enterprise Linux version 5 Supplementary:
  java-1.6.0-ibm-1.6.0.9.0-1jpp.3.el5
Red Hat Enterprise Linux version 6 Supplementary:
  java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el6

RHEL 4E, 5S: new java-1.4.2-ibm packages.
New packages are available:
Red Hat Enterprise Linux version 4 Extras:
  java-1.4.2-ibm-1.4.2.13.8-1jpp.3.el4
Red Hat Enterprise Linux version 5 Supplementary:
  java-1.4.2-ibm-1.4.2.13.8-1jpp.3.el5

RHEL 4E, 5S: new java-1.5.0-ibm packages.
New packages are available:
Red Hat Enterprise Linux version 4 Extras:
  java-1.5.0-ibm-1.5.0.12.2-1jpp.1.el4
Red Hat Enterprise Linux version 5 Supplementary:
  java-1.5.0-ibm-1.5.0.12.2-1jpp.1.el5

RHEL 4E, 5S: new java-1.6.0-sun packages.
New packages are available:
Red Hat Enterprise Linux version 4 Extras:
  java-1.6.0-sun-1.6.0.22-1jpp.1.el4
Red Hat Enterprise Linux version 5 Supplementary:
  java-1.6.0-sun-1.6.0.22-1jpp.1.el5

RHEL 5: new java-1.6.0-openjdk packages.
New packages are available:
  java-1.6.0-openjdk-1.6.0.0-1.16.b17.el5

RHEL 6.0: new java-1.6.0-openjdk packages.
New packages are available:
  java-1.6.0-openjdk-1.6.0.0-1.31.b17.el6_0

RHEL 6: new java-1.5.0-ibm packages.
New packages are available:
  java-1.5.0-ibm-1.5.0.12.2-1jpp.1.el6

RHEL: new java-1.4.2-ibm-sap packages.
New packages are available:
RHEL 4 AS for SAP:
  java-1.4.2-ibm-sap-1.4.2.13.6.sap-1jpp.1.el4_8
RHEL 5 Server for SAP:
  java-1.4.2-ibm-sap-1.4.2.13.6.sap-1jpp.1.el5
Red Hat Enterprise Linux SAP (v. 6):
  java-1.4.2-ibm-sap-1.4.2.13.6.sap-1jpp.3.el6

SUSE LE 10, 11: new java-1_6_0-ibm packages.
New packages are available:
SUSE Linux Enterprise 10 :
  http://download.novell.com/patch/finder/?keywords=8d66847a4ae8caca98e746ff78880e0e
SUSE Linux Enterprise 11 :
  http://download.novell.com/patch/finder/?keywords=99e3a681bfd3aa624a61230811cf88e5

SUSE LE: new java-1_4_2-ibm packages.
New packages are available, as indicated in information sources.

SUSE LE: new java-1_6_0-ibm, java-1_5_0-ibm, java-1_4_2-ibm packages.
New packages are available, as indicated in information sources.

SUSE: new packages (25/10/2010).
New packages are available, as indicated in information sources.

VMware: corrected versions.
Following versions are corrected:
VMware vCenter Server 4.1 Update 1 and modules
  http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0
  http://downloads.vmware.com/support/pubs/vs_pages/vsp_pubs_esx41_vc41.html
VMware vCenter Server 4.0 Update 3
  http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0
  http://www.vmware.com/support/vsphere4/doc/vsp_vc40_u3_rel_notes.html
ESXi 4.1 Installable Update 1
  http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0
  http://downloads.vmware.com/support/vsphere4/doc/vsp_esxi41_u1_rel_notes.html
  http://kb.vmware.com/kb/1027919
ESX 4.1 Update 1
  http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0
  http://downloads.vmware.com/support/vsphere4/doc/vsp_esx41_u1_rel_notes.html
  http://kb.vmware.com/kb/1029353
ESXi 4.0
  https://hostupdate.vmware.com/software/VUM/OFFLINE/release-274-20110303-677367/ESXi400-201103001.zip
  http://kb.vmware.com/kb/1032823
ESX 4.0
  https://hostupdate.vmware.com/software/VUM/OFFLINE/release-273-20110303-574144/ESX400-201103001.zip
  http://kb.vmware.com/kb/1032822

VMware ESX: version 4.1 Update 2.
The version 4.1 Update 2 is corrected:
  http://downloads.vmware.com/d/info/datacenter_cloud_infrastructure/vmware_vsphere/4_1
  http://downloads.vmware.com/support/pubs/vs_pages/vsp_pubs_esx41_vc41.html

VMware vCenter Server: version 4.1 Update 2.
The version 4.1 Update 2 is corrected:
  http://downloads.vmware.com/d/info/datacenter_cloud_infrastructure/vmware_vsphere/4_1
  http://downloads.vmware.com/support/pubs/vs_pages/vsp_pubs_esx41_vc41.html
  https://www.vmware.com/support/orchestrator/doc/vco_412_release_notes.html
Full Vigil@nce bulletin... (Request your free trial)

Computer vulnerabilities tracking service

Vigil@nce provides a networks vulnerabilities patch. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.