CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
97.7%
Added: 10/04/2010
CVE: CVE-2010-0838
BID: 39069
OSVDB: 63500
Oracle Java SE and Java for Business are development platforms for developing and deploying Java applications. They include the Java SE Development Kit (JDK) and the Java Runtime Environment (JRE). The JRE provides the minimum requirements for executing a Java application (e.g., an applet) and consists of the Java Virtual Machine (JVM), core classes and supporting files. One of the libraries included in the JVM is the Color Management Module (CMM), which controls the conversion among the color representations used by various devices by processing International Color Consortium (ICC) profiles.
Oracle Java SE and Java for Business 6 Update 18 and prior, and 5.0 Update 23 and prior are vulnerable to a buffer overflow in the CMM readMabCurveData
function. A remote attacker could gain system access if a user opens a Java applet that imports a malicious ICC profile that specifies an invalid count for curveType
objects passed to the readMabCurveData
function.
Apply the patches detailed in the Oracle Java SE and Java for Business Critical Patch Update Advisory for March 2010.
http://www.zerodayinitiative.com/advisories/ZDI-10-061/
Exploit works on Oracle Java SE and Java for Business containing Oracle JRE 6 Update 18.
The user must open the exploit in Internet Explorer 6, 7, or 8 or Mozilla Firefox 2.x or 3.x.
Windows