Lucene search

K
saintSAINT CorporationSAINT:D23E36D7D4E4152F6E715EB12B45D4EC
HistoryFeb 28, 2012 - 12:00 a.m.

Java Runtime Environment MixerSequence Function Pointer Control

2012-02-2800:00:00
SAINT Corporation
www.saintcorporation.com
38

EPSS

0.968

Percentile

99.7%

Added: 02/28/2012
CVE: CVE-2010-0842
BID: 39077
OSVDB: 63493

Background

The Java Runtime Environment (JRE) is part of the Java Development Kit (JDK), a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java application; it consists of the Java Virtual Machine (JVM), core classes, and supporting files.

Problem

When parsing Rich Music Format (RMF) files that contain Musical Instrument Digital Interface (MIDI) streams, part of the MIDI stream is used to set a function pointer in the JRE engine. If a specially crafted RMF file is referenced by an applet running under a vulnerable JRE, an attacker could cause this function pointer to divert execution to data controlled by the attacker, giving them control of execution on the target system.

Resolution

Apply Update 19 or later for JRE 6, or Update 24 or later for JRE 5.

References

<http://www.zerodayinitiative.com/advisories/ZDI-10-060/&gt;
<http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html&gt;

Limitations

This exploit has been tested against Oracle JRE 6 Update 18 on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn).

Platforms

Windows