[VIM] Java Deployment Toolkit 0-day CVEs
Deapesh Misra
deapesh at gmail.com
Wed Nov 24 11:27:29 CST 2010
Hi,
I also have a doubt regarding these two CVEs:
CVE-2010-1423
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1423
Argument injection vulnerability in the URI handler in (a) Java NPAPI
plugin and (b) Java Deployment Toolkit in Java 6 Update 10, 19, and
other versions, when running on Windows and possibly on Linux, allows
remote attackers to execute arbitrary code via the (1) -J or (2)
-XXaltjvm argument to javaws.exe, which is processed by the launch
method. NOTE: some of these details are obtained from third party
information.
and
CVE-2010-0886
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0886
Unspecified vulnerability in the Java Deployment Toolkit component in
Oracle Java SE and Java for Business JDK and JRE 6 Update 10 through
19 allows remote attackers to affect confidentiality, integrity, and
availability via unknown vectors.
----------
CVE-2010-1423 is the 0-day issue which Tavis disclosed on April 9th
(and later reported by Ruben).
CVE-2010-0886 is for a out of band (OOB) patch from Oracle/Sun
released on April 15th
(http://www.oracle.com/technetwork/topics/security/alert-cve-2010-0886-094541.html)
It seems like 0886 and 1423 are for the same vulnerability.
exploit-db.com labels the exploits for CVE-2010-1423 as CVE-2010-0886:
http://www.exploit-db.com/exploits/12117
http://www.exploit-db.com/exploits/12122
this was picked up by OSVDB too: http://osvdb.org/63798
As from the vendor's perspective, this release note from Oracle/Sun
seems to be the only valuable source of usable information:
http://www.oracle.com/technetwork/java/javase/6u20-142805.html
I think these two CVEs are for the same issue.
-Deapesh.
More information about the VIM
mailing list