In association with heise online

11 July 2007, 15:06

Details of patched Java holes

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

When Sun released its Java 1.6 Update 2 last week, no information was available on which (and indeed whether) security holes had been fixed in the new version. Meanwhile, independent security service providers and Sun have published initial advisories containing more detailed information on the patched bugs.

An advisory by security service provider eEye describes a vulnerability in Java Web Start (javaws.exe) that is triggered when malicious JNLP files are processed and leads to a buffer overflow and subsequent arbitrary code injection and execution. The Java Network Launching Protocol (JNLP) describes XML files delivered by the server that contain information on a Java application, such as location of the JAR file, launching parameters or main class of the application. The problem occurs when Web Start copies the codebase attribute of a JNLP file into a fixed-length buffer without validating its length.

An alert notification by Sun explains that XSLT stylesheets in digital signatures of XML files are not handled correctly, which could allow attackers to execute arbitrary code with the privileges of the application processing the XML file. XSLT stylesheets are templates containing rules for transforming XML data into various output formats. On Sun's Java System Application Server and Web Server this bug may allow attackers to take complete control over the system. Affected versions include Java 1.6 Update 1 and prior versions.

In another alert notification, Sun describes a denial-of-service vulnerability in Java. The Java Secure Socket Extension (JSSE) does not process SSL/TLS handshake requests correctly. Malicious requests might cause a complete crash of servers listening for incoming encrypted connections and using JSSE for SSL/TLS support. The bug affects Java versions 1.6 Update 1 and earlier, 5.0 Update 11 and earlier and Java 1.4.14 and earlier.

Java users are advised to upgrade their systems to the current versions as soon as possible. Current versions provided by Sun for download include 1.6 Update 2, 1.5 Update 12 and 1.4.2 Update 15.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit