Oracle Java Applet2ClassLoader Vulnerability

2011-05-05T00:00:00
ID SAINT:DC285ED9DA4E12521B628258BB9B825A
Type saint
Reporter SAINT Corporation
Modified 2011-05-05T00:00:00

Description

Added: 05/05/2011
CVE: CVE-2010-4452
BID: 46388
OSVDB: 71193

Background

Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets.

Problem

Java 6 Update 23 and before are vulnerable to an unsigned code execution vulnerability. This may allow an attacker to trick a user into viewing a website with a malicious embedded Java applet.

Resolution

Upgrade to Oracle JRE 6 Update 25 or later.

References

<http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html>
<http://fhoguin.com/2011/03/oracle-java-unsigned-applet-applet2classloader-remote-code-execution-vulnerability-zdi-11-084-explained/>
<http://www.zerodayinitiative.com/advisories/ZDI-11-084/>

Limitations

This exploit has been tested against Oracle JRE 6 Update 23 on Windows XP SP3 English (DEP OptIn), Windows Vista SP2 English (DEP OptIn) and Windows 7 SP1 English (DEP OptIn).

Platforms

Windows