Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

java.jvm.byte.code.ver.txt

🗓️ 17 Aug 1999 00:00:00Reported by Packet StormType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 42 Views

Security flaw in Java Virtual Machine allows attackers to seize control via unverified code.

Code
`Date: Mon, 5 Apr 1999 08:56:10 -0400  
From: Gary McGraw <[email protected]>  
To: [email protected]  
Subject: Security Hole in Java 2 (and JDK 1.1.x)  
  
Hi all,  
  
Karsten Sohr at the University of Marburg in Germany (email  
[email protected]) has discovered a very serious security  
flaw in several current versions of the Java Virtual Machine,  
including Sun's JDK 1.1 and Java 2 (a.k.a. JDK 1.2), and Netscape's  
Navigator 4.x. (Microsoft's latest JVM is not vulnerable to this  
attack.) The flaw allows an attacker to create a booby-trapped Web  
page, so that when a victim views the page, the attacker seizes  
control of the victim's machine and can do whatever he wants,  
including reading and deleting files, and snooping on any data and  
activities on the victim's machine.  
  
The flaw is in the "byte code verifier" component of the JVM. Under  
some circumstances the verifier fails to check all of the code that is  
loaded into the JVM. Exploiting the flaw allows the attacker to run  
code that has not been verified. This code can set up a type  
confusion attack (see our book "Securing Java" for details  
http://www.securingjava.com) which leads to a full-blown security  
breach.  
  
We have verified that the flaw exists and is serious. Attack code (in  
both applet and application form) has been developed in the lab to  
exploit the flaw. Sun and Netscape have been notified about the flaw  
and they are working on a fix.  
  
The attack we developed in the lab worked against the following platforms:  
JDK 1.1.5 (Solaris)  
JDK 1.2beta4 (Solaris)  
JDK 1.1.6 (Solaris)  
JDK 1.1.7 (FreeBSD)  
JDK 1.2 (NT)  
JDK 1.1.6 (NT)  
Symantec Visual Cafe Version 3  
Netscape 4.5 (FreeBSD)  
Netscape 4.5 (NT)  
Netscape 4.05 (NT)  
Netscape 4.02 (Solaris)  
Netscape 4.07 (Linux)  
  
The attack did not work against:  
Microsoft Visual J++ 6.0  
  
Kudos to Viren Shah at RST for extensive platform testing. Thanks for  
your interest in mobile code security.  
  
Dr. Gary McGraw Prof. Edward W. Felten  
Reliable Software Technologies Secure Internet Programming Lab  
[email protected] Dept. of Computer Science  
Princeton University  
http://www.securingjava.com [email protected]  
  
---------------------------------------------------------------------------  
  
Date: Mon, 5 Apr 1999 11:13:16 -0700  
From: [email protected]  
To: [email protected]  
Subject: Re: Security Hole in Java 2 (and JDK 1.1.x)  
  
The following is the URL for a press release Sun issued about this:  
  
http://java.sun.com/pr/1999/03/pr990329-01.html  
  
It says the fix is in the works and will be available shortly, and  
will be implemented in the next release(s) of the software (due in  
April).  
  
FYI.  
d3l1r1um.  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
17 Aug 1999 00:00Current
7.4High risk
Vulners AI Score7.4
java virtual machinesecurity flawunverified codebooby-trapped web pagetype confusion attacksecurity breachjdk versions.
42