SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Oracle Java Web Start Vendors:   Sun
Java Web Start Bugs Let Remote Users Rename/Copy Files on the Target User's System
SecurityTracker Alert ID:  1018814
SecurityTracker URL:  http://securitytracker.com/id/1018814
CVE Reference:   CVE-2007-5239   (Links to External Site)
Date:  Oct 12 2007
Impact:   Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 1.3.1_20 and prior, 1.4.2_15 and prior, 5.0 Update 12 and prior, 6 Update 2 and prior
Description:   A vulnerability was reported in Java Web Start. A remote user can cause files to be renamed or copied on the target user's system.

A remote user can create a specially crafted application or applet that, when loaded by the target user, will copy or rename arbitrary files when the target user performs a drag-and-drop operation from the application or applet window onto certain types of desktop applications. File operations will occur with the privileges of the target user.

Impact:   A remote user can create an application or applet that, when loaded by the target user and when the target user drags and drops from the application or applet to a desktop application, will rename or copy files on the target user's system.
Solution:   Sun has issued the following fixes.

* JDK and JRE 6 Update 3 or later
* JDK and JRE 5.0 Update 13 or later
* SDK and JRE 1.4.2_16 or later

This issue will be addressed in the following release (for Solaris 8 and Windows):

* SDK and JRE 1.3.1_21 or later

JDK and JRE 6 Update 3 is available for download at the following links:

http://java.sun.com/javase/downloads/index.jsp

http://java.com

JDK 6 Update 3 for Solaris is available in the following patches:

* Java SE 6 update 3 (as delivered in patch 125136-04 or later)
* Java SE 6 update 3 (as delivered in patch 125137-04 or later (64bit))
* Java SE 6_x86 update 3 (as delivered in patch 125138-04 or later)
* Java SE 6_x86 update 3 (as delivered in patch 125139-04 or later (64bit))

JDK and JRE 5.0 Update 13 is available for download at the following link:

http://java.sun.com/javase/downloads/index_jdk5.jsp

JDK 5.0 Update 13 for Solaris is available in the following patches:

* J2SE 5.0 update 13 (as delivered in patch 118666-14)
* J2SE 5.0 update 13 (as delivered in patch 118667-14 (64bit))
* J2SE 5.0_x86 update 13 (as delivered in patch 118668-14)
* J2SE 5.0_x86 update 13 (as delivered in patch 118669-14 (64bit))

SDK and JRE 1.4.2 is available for download at:

http://java.sun.com/j2se/1.4.2/download.html

SDK and JRE 1.3.1 for Solaris 8 is available for download at:

http://java.sun.com/j2se/1.3/download.html

The Sun advisory is available at:

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103072-1

Vendor URL:  sunsolve.sun.com/search/document.do?assetkey=1-26-103072-1 (Links to External Site)
Cause:   Access control error
Underlying OS:  Linux (Any), UNIX (Solaris - SunOS), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Feb 14 2008 (Red Hat Issues Fix) Java Web Start Bugs Let Remote Users Rename/Copy Files on the Target User's System
Red Hat has released a fix for Red Hat Enterprise Linux Extras.
Feb 21 2008 (BEA Issues Fix for JRockit) Java Web Start Bugs Let Remote Users Rename/Copy Files on the Target User's System
A fix for BEA JRockit is available.
Mar 5 2008 (Red Hat Issues Fix) Java Web Start Bugs Let Remote Users Rename/Copy Files on the Target User's System
Red Hat has released a fix for Red Hat Enterprise Linux Extras.
Mar 12 2008 (Red Hat Issues Fix) Java Web Start Bugs Let Remote Users Rename/Copy Files on the Target User's System
Red Hat has released a fix for java-1.4.2-bea on Red Hat Enterprise Linux Extras 3, 4, and 5.
Jun 18 2008 (VMware Issues Fix for ESX Server) Java Web Start Bugs Let Remote Users Rename/Copy Files on the Target User's System
VMware has issued a fix for VMware ESX Server.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC