SAINT Corporation, SAINT:53B1A46D390ABCB591CC24072217E221
Nov 27, 2009 - 12:00 a.m.

Java Runtime Environment AWT setDiffICM buffer overflow

download.saintcorporation.com

CVSS2: 9.3 High
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS: 0.943 High
Percentile: 99.0%

Added: 11/27/2009
CVE: CVE-2009-3869
BID: 36881
OSVDB: 59710

Background

Java Runtime Environment (JRE) allows end users to run Java applications.

Problem

A buffer overflow vulnerability in the setDiffICM function of the Abstract Window Toolkit (AWT) allows command execution when a user loads a specially crafted web page.

Resolution

Apply the update referenced in Sun article 270474.

References

<http://www.zerodayinitiative.com/advisories/ZDI-09-078/>

Limitations

Exploit works on Java Runtime Environment 6 Update 16 and requires a user to open the exploit page in Firefox 2.0.x.

In order for the exploit to succeed, the security policy in JRE must allow access to classes in the sun.awt.image package. To configure JRE to allow access to classes in the sun.awt.image package, add the following lines to the Java policy file on the target system:

>
> grant {
> permission java.lang.RuntimePermission
> "accessClassInPackage.sun.awt.image";
> };
>

The Java policy file can be found at:

>
> C:\Program Files\Java\jreX\lib\security\java.policy
>

where X is the JRE series, such as 5 or 6.
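
Because the grant above is a precondition for the exploit, a policy file that contains it marks a host as exposed. The following audit check is an added example, not part of the SAINT advisory: it parses java.policy text and reports every grant that gives access to sun.awt.image, either directly, through a BasicPermission wildcard, or through AllPermission. The function names and the sample policy are constructed for illustration.

```python
import re

# Constructed sample policy (not taken from a real host).
SAMPLE_POLICY = '''\
// entry scoped to extension jars
grant codeBase "file:${java.home}/lib/ext/*" {
    permission java.security.AllPermission;
};
/* the unscoped entry from the Limitations section */
grant {
    permission java.lang.RuntimePermission
        "accessClassInPackage.sun.awt.image";
};
'''

TOKEN_RE = re.compile(r'"[^"\n]*"|/\*.*?\*/|//[^\n]*', re.S)
GRANT_RE = re.compile(r'\bgrant\b((?:"[^"]*"|[^{"])*)\{((?:"[^"]*"|[^}"])*)\}', re.I)
PERM_RE = re.compile(r'\bpermission\s+([\w.$]+)(?:\s+"([^"]*)")?', re.I)

def strip_comments(text):
    """Blank comments but keep strings and newlines, so URLs and line numbers survive."""
    def blank(m):
        tok = m.group(0)
        return tok if tok.startswith('"') else re.sub(r'[^\n]', ' ', tok)
    return TOKEN_RE.sub(blank, text)

def basic_implies(granted, wanted):
    """BasicPermission name matching: exact, "*", or a trailing ".*" prefix."""
    if granted in (wanted, "*"):
        return True
    return granted.endswith(".*") and wanted.startswith(granted[:-1])

def find_risky_grants(policy_text, package="sun.awt.image"):
    """Return (line, scope, permission class, name) for grants exposing `package`."""
    wanted = "accessClassInPackage." + package
    clean = strip_comments(policy_text)
    findings = []
    for g in GRANT_RE.finditer(clean):
        scope = " ".join(g.group(1).split()) or "ALL CODE"
        for p in PERM_RE.finditer(g.group(2)):
            cls, name = p.group(1), p.group(2) or ""
            if cls == "java.security.AllPermission" or (
                    cls == "java.lang.RuntimePermission" and basic_implies(name, wanted)):
                line = clean.count("\n", 0, g.start(2) + p.start()) + 1
                findings.append((line, scope, cls, name))
    return findings

if __name__ == "__main__":
    for finding in find_risky_grants(SAMPLE_POLICY):
        print(finding)
```

A finding whose scope is ALL CODE applies to untrusted applets as well; entries scoped by codeBase or signedBy are reported so they can be reviewed against the expected defaults.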

Platforms

Windows
