Test ID: 1.3.6.1.4.1.25623.1.0.900978
Category: Denial of Service
Title: Sun Java SE Multiple Vulnerabilities (Nov 2009) - Windows
Summary: Sun Java SE is prone to multiple vulnerabilities.
Description:

Vulnerability Insight:
Multiple flaws occur due to:

- Directory traversal vulnerability in the 'ICC_Profile.getInstance' method.

- Unspecified error in the TrueType font parsing functionality.

- When a non-English version of Windows is used, the Java Update functionality
does not retrieve available new JRE versions.

- Failure to clone arrays that are returned by the 'getConfigurations()'
function in X11 and Win32GraphicsDevice.

- The Abstract Window Toolkit (AWT) does not properly restrict the objects
that may be sent to loggers.

- Information leak occurs as the application does not prevent the existence
of children of a resurrected ClassLoader.

- Multiple unspecified errors in the Swing implementation.

- The 'TimeZone.getTimeZone' method allows users to probe for the existence
of local files via vectors related to handling of zoneinfo.

- Error during parsing of BMP files containing UNC ICC links.

Vulnerability Impact:
Successful exploitation allows a remote attacker to execute arbitrary code,
gain escalated privileges, bypass security restrictions and cause a denial
of service in the context of the affected system.

Affected Software/OS:
Sun Java SE 6 prior to 6 Update 17

Sun Java SE 5 prior to 5 Update 22 on Windows.

Solution:
Upgrade to JRE version 6 Update 17 or later.

OR

Upgrade to JRE version 5 Update 22.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2009-3728
37386
http://secunia.com/advisories/37386
37581
http://secunia.com/advisories/37581
APPLE-SA-2009-12-03-1
http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html
APPLE-SA-2009-12-03-2
http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html
GLSA-200911-02
http://security.gentoo.org/glsa/glsa-200911-02.xml
MDVSA-2010:084
http://www.mandriva.com/security/advisories?name=MDVSA-2010:084
http://java.sun.com/j2se/1.5.0/ReleaseNotes.html
http://java.sun.com/javase/6/webnotes/6u17.html
http://support.apple.com/kb/HT3969
http://support.apple.com/kb/HT3970
https://bugzilla.redhat.com/show_bug.cgi?id=530098
oval:org.mitre.oval:def:10520
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10520
oval:org.mitre.oval:def:6657
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6657
Common Vulnerability Exposure (CVE) ID: CVE-2009-3729
https://bugzilla.redhat.com/show_bug.cgi?id=532904
oval:org.mitre.oval:def:7537
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7537
Common Vulnerability Exposure (CVE) ID: CVE-2009-3864
BugTraq ID: 36881
http://www.securityfocus.com/bid/36881
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6753
http://secunia.com/advisories/37231
http://secunia.com/advisories/37239
http://sunsolve.sun.com/search/document.do?assetkey=1-66-269868-1
SuSE Security Announcement: SUSE-SA:2009:058
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00010.html
http://www.vupen.com/english/advisories/2009/3131
Common Vulnerability Exposure (CVE) ID: CVE-2009-3879
https://bugzilla.redhat.com/show_bug.cgi?id=530297
oval:org.mitre.oval:def:7545
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7545
oval:org.mitre.oval:def:9568
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9568
Common Vulnerability Exposure (CVE) ID: CVE-2009-3880
https://bugzilla.redhat.com/show_bug.cgi?id=530296
oval:org.mitre.oval:def:10761
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10761
oval:org.mitre.oval:def:7316
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7316
Common Vulnerability Exposure (CVE) ID: CVE-2009-3881
https://bugzilla.redhat.com/show_bug.cgi?id=530173
oval:org.mitre.oval:def:11484
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11484
oval:org.mitre.oval:def:6906
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6906
Common Vulnerability Exposure (CVE) ID: CVE-2009-3882
https://bugzilla.redhat.com/show_bug.cgi?id=530175
oval:org.mitre.oval:def:7300
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7300
oval:org.mitre.oval:def:8841
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8841
Common Vulnerability Exposure (CVE) ID: CVE-2009-3883
oval:org.mitre.oval:def:10191
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10191
oval:org.mitre.oval:def:6968
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6968
Common Vulnerability Exposure (CVE) ID: CVE-2009-3884
https://bugzilla.redhat.com/show_bug.cgi?id=530300
oval:org.mitre.oval:def:11686
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11686
oval:org.mitre.oval:def:6960
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6960
Common Vulnerability Exposure (CVE) ID: CVE-2009-3885
https://bugzilla.redhat.com/show_bug.cgi?id=530114
oval:org.mitre.oval:def:7094
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7094
Copyright: Copyright (C) 2009 Greenbone AG
