SAINT:58DAD69110330F9994F6C382A9E66468

Java SE AtomicReferenceArray Unsafe Security Bypass

2012-03-30 00:00:00
SAINT Corporation
my.saintcorporation.com

CVSS2: 10
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS: 0.967
Percentile: 99.7%

Added: 03/30/2012
CVE: CVE-2012-0507
BID: 52161
OSVDB: 80724

Background

Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets.
Java Standard Edition (Java SE) includes the Java Virtual Machine, along with a standard set of libraries used by many applications.

Problem

In affected versions of Java SE, the AtomicReferenceArray class uses an Unsafe class to store a reference. Attackers may leverage this weakness to escape the JRE sandbox. If successful, the attackers may then load Java code of their choice, which could result in execution of arbitrary code on the target server.

Resolution

Apply the Oracle Java SE Critical Patch Update February 2012, or upgrade Java SE to a version later than 7 Update 2, 6 Update 30, 5.0 Update 33, 1.4.2_35, or JavaFX 2.0.2.
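
The version thresholds above can be turned into an inventory check. The Python below is an added example, not part of the SAINT advisory: it classifies `java -version` banners against those thresholds. The host names and banners are constructed sample data, the function names are hypothetical, and JavaFX is not covered.

```python
import re

# Last affected update per release family, taken from the Resolution text:
# "later than 7 Update 2, 6 Update 30, 5.0 Update 33, 1.4.2_35".
LAST_AFFECTED = {
    (1, 7, 0): 2,
    (1, 6, 0): 30,
    (1, 5, 0): 33,
    (1, 4, 2): 35,
}

# Matches the quoted legacy version string, e.g. java version "1.6.0_30".
VERSION_RE = re.compile(r'version "(\d+)\.(\d+)\.(\d+)(?:_(\d+))?')


def parse_java_version(banner):
    """Return ((major, minor, micro), update) from a banner, or None."""
    m = VERSION_RE.search(banner)
    if not m:
        return None
    family = tuple(int(g) for g in m.group(1, 2, 3))
    update = int(m.group(4) or 0)  # "1.7.0" with no suffix is update 0
    return family, update


def assess(banner):
    """Classify one banner: affected, patched, not-listed or unknown."""
    parsed = parse_java_version(banner)
    if parsed is None:
        return "unknown"        # no parseable version: check the host by hand
    family, update = parsed
    limit = LAST_AFFECTED.get(family)
    if limit is None:
        return "not-listed"     # family not named in the advisory
    return "affected" if update <= limit else "patched"


def scan(inventory):
    """Map each host to its assessment; inventory is {host: banner}."""
    return {host: assess(banner) for host, banner in inventory.items()}


# Constructed sample inventory (not real hosts or captured output).
SAMPLE = {
    "ws-01": 'java version "1.7.0_02"\nJava(TM) SE Runtime Environment',
    "ws-02": 'java version "1.7.0_03"',
    "ws-03": 'java version "1.6.0_30"',
    "ws-04": 'java version "1.6.0_31"',
    "ws-05": "bash: java: command not found",
}

if __name__ == "__main__":
    for host, verdict in sorted(scan(SAMPLE).items()):
        print(host, verdict)
```

Hosts reported as `not-listed` or `unknown` need manual review, since the advisory gives no threshold for them.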

References

<http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html>
<http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx>
<http://weblog.ikvm.net/PermaLink.aspx?guid=cd48169a-9405-4f63-9087-798c4a1866d3>

Limitations

This exploit has been tested against Oracle JRE 7 Update 2 on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn).

Platforms

Windows
