SAINT Corporation
SAINT:F995AD645FBB3DCAF943471F0A221EB9
Apr 22, 2010 - 12:00 a.m.

Java Runtime Environment Soundbank Resource Name Stack Buffer Overflow

download.saintcorporation.com

CVSS2: 7.5
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score: 9.6
Confidence: High

EPSS: 0.047
Percentile: 92.6%

Added: 04/22/2010
CVE: CVE-2010-0839
BID: 39070
OSVDB: 63494

Background

The Java Runtime Environment (JRE) is part of the Java Development Kit (JDK), a set of programming tools for developing Java applications. The JRE class library includes the Java Sound Application Programming Interface (API), which provides low-level support for audio operations. The Java Sound API includes the Soundbank interface, which contains a set of instruments and SoundbankResources that can be loaded from any arbitrary stream, including file and network streams.

Problem

JRE is vulnerable to a stack buffer overflow due to a sign extension error when parsing the length of a resource name in a Soundbank file. A remote unauthenticated attacker can exploit this vulnerability by enticing a user to open a malicious Java applet with a vulnerable application.
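
The bug class described above, as a generic added example (not the JRE's code and not part of the SAINT advisory): a length byte held in a signed type passes a signed bound check, then sign-extends into a huge copy size. The one-length-byte record layout, `NAME_BUF` and the function names are assumptions made for illustration, not the Soundbank format.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define NAME_BUF 32 /* hypothetical size of the destination stack buffer */

/* Flawed pattern, part 1: the length byte is held in a signed 8-bit type,
 * so 0x80..0xFF read as negative (on two's-complement targets) and a
 * signed upper-bound check lets them through. Returns 1 if the check passes. */
int flawed_check_passes(const unsigned char *rec)
{
    int8_t len = (int8_t)rec[0];
    return len < NAME_BUF;
}

/* Flawed pattern, part 2: widening that negative value sign-extends it,
 * so the size handed to a copy routine becomes enormous. */
size_t flawed_copy_size(const unsigned char *rec)
{
    int8_t len = (int8_t)rec[0];
    return (size_t)len;
}

/* Hardened parser: read the length as unsigned, then bound it against both
 * the input record and the destination. Returns the name length, or -1. */
int parse_name(const unsigned char *rec, size_t rec_len,
               char *out, size_t out_size)
{
    if (rec == NULL || out == NULL || rec_len < 1 || out_size < 1)
        return -1;
    size_t n = rec[0];              /* zero-extended: always 0..255 */
    if (n > rec_len - 1)            /* declared length exceeds the data */
        return -1;
    if (n >= out_size)              /* no room for name plus terminator */
        return -1;
    memcpy(out, rec + 1, n);
    out[n] = '\0';
    return (int)n;
}
```

Compiling parsers with `-Wsign-conversion` (GCC/Clang) flags the implicit signed-to-unsigned widening that the flawed functions perform explicitly here.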

Resolution

Apply the patch for the vulnerable product.

References

http://secunia.com/advisories/37255/

Limitations

The exploit works on Java SE 6 Update 18 and requires the user to load the exploit page in Internet Explorer 6.

Platforms

Windows
