MA-169.062009: MyCERT Alert - Multiple Vulnerabilities in Sun Java Runtime Environment and Java Development Kit

1.0 Introduction

Multiple critical vulnerabilities have been identified in Sun Java Runtime Environment and Java Development Kit. These vulnerabilities can cause the application to crash and could potentially allow an attacker to take control of the affected system. The vulnerabilities are as follows:

- Sun Java Runtime Environment Aqua Look and Feel Multiple Privilege Escalation Vulnerabilities
- Sun Java JRE TrueType Font Parsing Heap Overflow Vulnerability
- Sun Java Web Start GIF Decoding Memory Corruption Vulnerability
- Sun Java JRE Pack200 Decompression Integer Overflow Vulnerability
- Sun Java AWT Library Sandbox Violation Vulnerability
- Sun Java Runtime Environment (JRE) "Java Update" Mechanism Does Not Check the Digital Signature
- Sun Java Runtime Environment (JRE) Buffer Overflow Vulnerabilities in Processing Image Files and Fonts May Allow Applets or Java Web Start Applications to Elevate Their Privileges
- Sun Java Runtime Environment Creates Temporary Files That Have "Guessable" File Names
- Sun Java Runtime Environment Allows Code Loaded From the Local Filesystem to Access LocalHost
- Sun Java Runtime Environment (JRE) Parsing of Zip Files May Allow Reading of Arbitrary Memory Locations
- Sun Java Runtime Environment (JRE) Authenticating Users Through Kerberos May Lead to a Denial of Service (DoS)
- Buffer Overflow Vulnerability in Sun Java Runtime Environment (JRE) "Unpack200" JAR Unpacking Utility May Lead to Escalation of Privileges
- Sun Java Runtime Environment (JRE) Deserializing Calendar Objects May Allow Privileges to be Escalated

2.0 Impact

An attacker who successfully exploits these vulnerabilities, for example by tricking a user into visiting a website that hosts a malicious Java applet, could execute arbitrary code remotely and gain the same privileges as the logged-on user.

3.0 Affected Products

- Sun JDK and JRE 6 Update 11 and earlier versions
- Sun JDK and JRE 5.0 Update 17 and earlier versions
- Sun SDK and JRE 1.4.2_19 and earlier versions
- Sun SDK and JRE 1.3.1_24 and earlier versions
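
To help apply the affected-product list above, the following is an added example (not part of the MyCERT advisory) that parses the output of `java -version` and reports whether the installed release falls inside the listed ranges. The update thresholds are taken from the list above; the function names and the sample version output are constructed for this example.

```python
import re
import subprocess

# Highest affected update level per Java release family, taken from this
# advisory's "Affected Products" list; anything at or below is affected.
AFFECTED_MAX_UPDATE = {
    (1, 6, 0): 11,   # Sun JDK and JRE 6 Update 11 and earlier
    (1, 5, 0): 17,   # Sun JDK and JRE 5.0 Update 17 and earlier
    (1, 4, 2): 19,   # Sun SDK and JRE 1.4.2_19 and earlier
    (1, 3, 1): 24,   # Sun SDK and JRE 1.3.1_24 and earlier
}

# Matches the first line of `java -version`, e.g. java version "1.6.0_11"
# or java version "1.4.2_19"; the update number is optional (GA builds).
_VERSION_RE = re.compile(r'java version "(\d+)\.(\d+)\.(\d+)(?:_(\d+))?')

def parse_java_version(output):
    """Return (major, minor, micro, update) parsed from `java -version`
    output, or None if no version line is present. A missing update
    number (e.g. "1.6.0") is treated as update 0."""
    m = _VERSION_RE.search(output)
    if m is None:
        return None
    major, minor, micro, update = m.groups()
    return (int(major), int(minor), int(micro), int(update or 0))

def is_affected(version):
    """True if the parsed version falls inside the advisory's affected range.
    Families the advisory does not list (e.g. 1.7.0) are not flagged."""
    family, update = version[:3], version[3]
    return family in AFFECTED_MAX_UPDATE and update <= AFFECTED_MAX_UPDATE[family]

def check_installed_java(java_cmd="java"):
    """Run the local `java -version` (which writes to stderr) and classify it.
    Returns "affected", "not affected", or "unknown" (no binary / unparsable)."""
    try:
        proc = subprocess.run([java_cmd, "-version"], capture_output=True, text=True)
    except OSError:
        return "unknown"  # no Java binary on PATH
    version = parse_java_version(proc.stderr + proc.stdout)
    if version is None:
        return "unknown"
    return "affected" if is_affected(version) else "not affected"

if __name__ == "__main__":
    # Constructed sample, in the format `java -version` printed for Sun Java 6 Update 11.
    sample = 'java version "1.6.0_11"\nJava(TM) SE Runtime Environment (build 1.6.0_11-b03)\n'
    print(parse_java_version(sample), is_affected(parse_java_version(sample)))
    print(check_installed_java())
```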

4.0 Recommendation

Users are recommended to upgrade to the latest update released for the specific version in use. The update can be obtained from the following URL:

http://java.sun.com/products/archive/

Mac OS users can obtain the update from the following URL:

http://support.apple.com/downloads/

Generally, MyCERT advises users of this product to keep up to date with the latest security announcements from the vendor.

Users who receive suspicious applets or URLs can forward them to MyCERT for further analysis. MyCERT can be reached through the following channels:

E-mail : mycert@mycert.org.my
Phone : +603 89926969 or 1-300-88-2999 (monitored during business hours)
Fax : +603 89453442
Handphone : +60 19 2665850 (24x7 call incident reporting)
SMS : +60 19 2813801 (24x7 SMS reporting)
Business Hours : Mon - Fri 08:30 - 17:30 MYT
Web : http://www.mycert.org.my

5.0 References