| VID |
28196 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A version of Sun Java JRE which is older than 1.6.0_01 or 1.5.0_11 or 1.4.2_15 or 1.3.1_20 has been installed on the host. The Sun Java JRE installed on the relevant host, according to its version number, has a buffer overflow vulnerability in the image parsing code. Sun Microsystems Java Runtime Environment (JRE) versions prior to 1.6.0_01 or 1.5.0_11 or 1.4.2_15 or 1.3.1_20 are vulnerable to a buffer overflow vulnerability in the image parsing code and could allow a attacker to gain elevated privileges. The applet could read and write local files or execute local applications with the privileges of the target user. By persuading a target user to load a specially-crafted applet, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the user. The attacker could also cause the Java Virtual Machine to hang.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102934-1
http://securitytracker.com/alerts/2007/May/1018182.html
* Platforms Affected:
Sun Microsystems, Sun JDK and JRE 6.0
Sun Microsystems, Sun JDK and JRE 5.0 Update 10 and earlier
Sun Microsystems, Sun SDK and JRE 1.4.2_14 and earlier
Sun Microsystems, Sun SDK and JRE 1.3.1_19 and earlier
Sun Microsystems, Solaris 7, 8, 9
Microsoft Windows Any version
Unix Any version
Linux Any version |
| Recommendation |
Upgrade to the latest version of Sun JRE/SDK (6.0 Update 1 or 5.0 Update 11 or 1.4.2_14 or 1.3.1_20 or later), available from the following Sun Microsystems, Inc. Web sites:
http://java.sun.com/javase/downloads/index.jsp
http://java.sun.com/javase/downloads/index_jdk5.jsp
http://java.sun.com/j2se/1.4.2/download.html
http://java.sun.com/j2se/1.3/download.html
-- AND --
When upgrading a Java installation on a computer, all previous versions should be uninstalled to prevent them being accessed to run a malicious applet that may exploit latent vulnerabilities that may exist in those other previous versions.
It is also possible to workaround this issue by disabling Java support in the Web browser or any other applications that provide an environment for execution Java applets. |
| Related URL |
CVE-2007-3004 (CVE) |
| Related URL |
24267 (SecurityFocus) |
| Related URL |
34652 (ISS) |
|
