Code can be injected into Sun's Java Virtual Machine from GIFs
An error in Sun's Java Virtual Machine can be exploited to inject code onto a system and execute it by means of specially prepared GIF images. The Zero Day Initiative (ZDI) says that a GIF image with the width field of an image block set to zero provokes an overflow because too little memory is allocated, creating a number of flawed pointers. According to the security advisory, at least one of them could be exploited to manipulate specific parts of memory. In addition, an untrusted applet can increase its privileges to gain access to all of a system's resources. Users first have to visit a malicious website to be attacked, but attackers can often easily get victims to do so by sending them an apparently interesting link via e-mail.
JDK and JRE 5.0 Update 9 and previous versions, SDK and JRE 1.4.2_12 and previous versions, and SDK and JRE 1.3.1_18 and previous versions are affected on Windows, Solaris, and Linux. The flaws have been remedied in JDK/JRE 5.0 Update 10, SDK/JRE 1.4.2_13, and SDK/JRE 1.3.1_19, which have been available since the end of December. Keep in mind, however, that Java updates generally install a completely new version without deleting the previous one. Users therefore have to manually uninstall any vulnerable old versions.
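The malformed-image condition described above (an image block whose width field is zero) can be checked for before a file reaches a decoder. The following is an added example, not code from Sun or ZDI: it walks the GIF block structure and reports image descriptors with a zero width. The names `zero_width_frames` and `sample_gif` are hypothetical, and the sample file is constructed for the demonstration.

```python
import struct

class GifFormatError(ValueError):
    """Raised when the input cannot be walked as a GIF block stream."""

def _skip_sub_blocks(data, pos):
    """Skip length-prefixed sub-blocks; return the offset after the 0x00 terminator."""
    while pos < len(data):
        size = data[pos]
        pos += 1 + size
        if size == 0:
            return pos
    raise GifFormatError("truncated sub-block chain")

def _color_table_len(packed):
    # Bit 7 set: table present; bits 0-2 = N, table holds 2^(N+1) RGB triples.
    return 3 * (2 << (packed & 0x07)) if packed & 0x80 else 0

def zero_width_frames(data):
    """Return [(offset, width, height)] for image descriptors whose width is 0."""
    if len(data) < 13 or data[:6] not in (b"GIF87a", b"GIF89a"):
        raise GifFormatError("not a GIF")
    pos = 13 + _color_table_len(data[10])  # header + logical screen descriptor
    hits = []
    while pos < len(data):
        marker = data[pos]
        if marker == 0x3B:      # trailer: end of the block stream
            break
        if marker == 0x21:      # extension: introducer, label, sub-blocks
            pos = _skip_sub_blocks(data, pos + 2)
        elif marker == 0x2C:    # image descriptor
            if pos + 10 > len(data):
                raise GifFormatError("truncated image descriptor")
            _, _, width, height, packed = struct.unpack_from("<HHHHB", data, pos + 1)
            if width == 0:
                hits.append((pos, width, height))
            # Skip local color table and LZW minimum code size, then image data.
            pos = _skip_sub_blocks(data, pos + 10 + _color_table_len(packed) + 1)
        else:
            raise GifFormatError(f"unexpected block 0x{marker:02x} at offset {pos}")
    return hits

def sample_gif(width):
    """Constructed 1-frame GIF for the demo; only the frame width varies."""
    screen = struct.pack("<HHBBB", 1, 1, 0x80, 0, 0) + bytes(6)  # 2-entry global table
    gce = b"\x21\xf9\x04\x00\x00\x00\x00\x00"                    # graphic control ext.
    frame = b"\x2c" + struct.pack("<HHHHB", 0, 0, width, 1, 0)
    return b"GIF89a" + screen + gce + frame + b"\x02\x02\x4c\x01\x00" + b"\x3b"

if __name__ == "__main__":
    for w in (1, 0):
        print(w, zero_width_frames(sample_gif(w)))
```

A check like this only flags the one field the advisory names; it does not replace updating the runtime and removing the old versions.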
- Security Vulnerability in Processing GIF Images in the Java Runtime Environment May Allow an Untrusted Applet to Elevate Privileges, Sun's security advisory
- Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability, ZDI's security advisory