SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |    Help    |   

SecurityTracker
Archives


Your Ad Here
 
Click to Sign Up
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com
Sign Up!





Category:  Application (Generic)  >  Java Runtime Environment (JRE) Vendors:  Sun
Java Runtime Environment XSLT Stylesheet Bug Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1018365
SecurityTracker URL:  http://securitytracker.com/id?1018365
CVE Reference:  CVE-2007-3716   (Links to External Site)
Updated:  May 6 2008
Original Entry Date:  Jul 11 2007
Impact:  Execution of arbitrary code via network, User access via network
Fix Available:  Yes   Vendor Confirmed:  Yes  
Advisory:  Sun Alert
Version(s): 6 Update 1 and prior versions
Description:  A vulnerability was reported in Java Runtime Environment (JRE). A remote user can cause arbitrary code to be executed on the target system.

The Java XML Digital Signature implementation does not properly process XSLT stylesheets contained in XSLT Transforms in XML Signatures. A remote user can create a specially crafted signature that, when processed by the target application, will trigger a buffer overflow and execute arbitrary code on the target system.

Sun credits Brad Hill of iSEC Partners with reporting this vulnerability.
Impact:  A remote user can create a signature that, when processed by the target user or application, will execute arbitrary code on the target user's system.
Solution:  Sun has issued the following fixes for Windows, Solaris, and Linux:

* JDK and JRE 6 Update 2 or later

Java SE 6 is available for download at the following link:

http://java.sun.com/javase/downloads/index.jsp

Java SE 6 Update 2 for Solaris is available in the following patches:

* Java SE 6 update 2 (as delivered in patch 125136-02 or later)
* Java SE 6 update 2 (as delivered in patch 125137-02 or later (64bit))
* Java SE 6_x86 update 2 (as delivered in patch 125138-02 or later)
* Java SE 6_x86 update 2 (as delivered in patch 125139-02 or later (64bit))

The Sun advisory is available at:

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102993-1
Vendor URL:  sunsolve.sun.com/search/document.do?assetkey=1-26-102993-1 (Links to External Site)
Cause:  Exception handling error
Underlying OS:  Linux (Any), UNIX (Solaris - SunOS), Windows (Any)

Message History:   None.

 Source Message Contents
Date:  Wed, 11 Jul 2007 11:47:34 -0400
Subject:  Java Runtime Environment Does Not Securely Process XSLT Stylesheets Contained in XML Signatures

 
 
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102993-1


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us   |    Help

Copyright 2007, SecurityGlobal.net LLC