Home > News > JRE Exploit happened!

JRE Exploit happened!

Tavis Ormand discovered the bug inside Java Web Start. Critical bug that exists inside Java Runtime Environment allows to remotely run code on any machine with Java 6.0 with update 10 or later. In practice anyone can be attacked by simply entering specially designed page.

To explain how the exploit can work, you need to know that ever since 1.6.10 Sun has distributed an NPAPI plugin (for firefox, chrome ect.) and ActiveX control (for Internet Explorer) called “Java Deployment Toolkit” that simplifies distributing applications to the end user by Web Start. The launch() method of this toolkit accepts url as a parameter, however this parameter is poorly validated, thus allowing passing arbitrary parameters. This parameter is later on passed to javaws, allowing to run any code on attacked machine.

Tavis Ormand created a Proof of Concept application to show exploit in use. Source of this PoC was published by Ruben Santamart. Currently there is no fix for the bug and according to Tavis Ormand, Oracle/Sun is not planning to do it quickly:

Sun has been informed about this vulnerability, however, they informed me they do not consider this vulnerability to be of high enough priority to break their quarterly patch cycle.

About these ads
Categories: News
  1. April 12, 2010 at 3:53 am

    Seems that it is Oracle’s problem now…

  2. Krystian Nowak
    April 29, 2010 at 9:41 am
    • Krystian Nowak
      April 29, 2010 at 9:43 am

      I should have been in English in fact :(

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: