SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Oracle Java SE Vendors:   Sun
Java Runtime Environment XSLT Stylesheet Bug Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1018365
SecurityTracker URL:  http://securitytracker.com/id/1018365
CVE Reference:   CVE-2007-3716   (Links to External Site)
Updated:  May 6 2008
Original Entry Date:  Jul 11 2007
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 6 Update 1 and prior versions
Description:   A vulnerability was reported in Java Runtime Environment (JRE). A remote user can cause arbitrary code to be executed on the target system.

The Java XML Digital Signature implementation does not properly process XSLT stylesheets contained in XSLT Transforms in XML Signatures. A remote user can create a specially crafted signature that, when processed by the target application, will trigger a buffer overflow and execute arbitrary code on the target system.

Sun credits Brad Hill of iSEC Partners with reporting this vulnerability.
Impact:   A remote user can create a signature that, when processed by the target user or application, will execute arbitrary code on the target user's system.
Solution:   Sun has issued the following fixes for Windows, Solaris, and Linux:

* JDK and JRE 6 Update 2 or later

Java SE 6 is available for download at the following link:

http://java.sun.com/javase/downloads/index.jsp

Java SE 6 Update 2 for Solaris is available in the following patches:

* Java SE 6 update 2 (as delivered in patch 125136-02 or later)
* Java SE 6 update 2 (as delivered in patch 125137-02 or later (64bit))
* Java SE 6_x86 update 2 (as delivered in patch 125138-02 or later)
* Java SE 6_x86 update 2 (as delivered in patch 125139-02 or later (64bit))

The Sun advisory is available at:

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102993-1
Vendor URL:  sunsolve.sun.com/search/document.do?assetkey=1-26-102993-1 (Links to External Site)
Cause:   Exception handling error
Underlying OS:  Linux (Any), UNIX (Solaris - SunOS), Windows (Any)

Message History:   None.

 Source Message Contents


[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC