In association with heise online

16 May 2007, 15:05

Sun’s JDK executes code from images


Due to errors in Sun's Java Development Kit, attackers could execute arbitrary code on, or crash, systems that use the JDK to process images server-side. Chris Evans from the Google Security Team has published an advisory on these vulnerabilities, including links to files for demonstration purposes.

Manipulated JPEG images with integrated ICC colour profiles may be used to infiltrate malicious code into the JDK. These images are parsed without range-checking the values in the ICC profile. Excessively large values cause an integer overflow and a subsequent buffer overflow. Under Linux, manipulated BMP files may cause the image parsing thread to hang while trying to read from /dev/tty.
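The bug class described above (ICC profile values used without range checks, so that an integer overflow leads to an out-of-bounds access) is shown in the following added C example, which is not taken from the advisory or from the JDK source. The tag-table layout is from the ICC specification; the function names and the 256-byte sample profile are constructed for illustration, and the article does not say which ICC field the JDK mishandled.

```c
#include <stdint.h>
#include <stdio.h>

/* ICC layout (from the ICC specification): 128-byte header with the profile
   size in bytes 0-3, a 4-byte tag count, then 12-byte tag entries
   (signature, offset, size); all integers big-endian. */
#define HDR 128u
#define ENTRY 12u

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}
static void put32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}
/* Unchecked form: the 32-bit sum wraps, so a huge size looks in range. */
int in_bounds_naive(uint32_t off, uint32_t size, uint32_t total) {
    return off + size <= total;
}
/* Range-checked form: never adds two untrusted values together. */
int in_bounds_checked(uint32_t off, uint32_t size, uint32_t total) {
    return off <= total && size <= total - off;
}
/* Returns 1 only if the tag table and every tag lie inside the profile. */
int icc_tags_valid(const uint8_t *buf, size_t len) {
    if (buf == NULL || len < HDR + 4) return 0;
    uint32_t total = be32(buf);              /* declared profile size */
    if (total < HDR + 4 || total > len) return 0;
    uint32_t count = be32(buf + HDR);
    if (count > (total - HDR - 4) / ENTRY) return 0;  /* divide, don't multiply */
    for (uint32_t i = 0; i < count; i++) {
        const uint8_t *e = buf + HDR + 4 + (size_t)i * ENTRY;
        if (!in_bounds_checked(be32(e + 4), be32(e + 8), total)) return 0;
    }
    return 1;
}
/* Constructed 256-byte sample profile holding a single tag entry. */
int check_sample(uint32_t off, uint32_t size) {
    uint8_t buf[256] = {0};
    put32(buf, (uint32_t)sizeof buf); put32(buf + HDR, 1);
    put32(buf + HDR + 8, off); put32(buf + HDR + 12, size);
    return icc_tags_valid(buf, sizeof buf);
}
int main(void) {
    printf("valid=%d oversized=%d\n", check_sample(144, 100), check_sample(144, 0xFFFFFFF0u));
    return 0;
}
```

With offset 144 and size 0xFFFFFFF0, the unchecked sum wraps to 128 and passes against a 256-byte profile, while the range-checked comparison rejects it.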

These bugs affect JDK versions prior to the current versions 1.5.0_11-b03 and 1.6.0_01-b06. The version number of the installed JDK can be determined with the command java -fullversion at the command prompt. When installing a newer version it is important to remember that the older version doesn't get uninstalled automatically; administrators should perform the uninstallation manually.
