Sun Java Deployment Toolkit Remote Argument Injection Vulnerability

Date Discovered: 04/15/2010
Severity: High
Application Affected:
JDK 1.6.0 update 10
JRE 1.6.0 update 10
JDK 1.6.0 update 19 and earlier
JRE 1.6.0 update 19 and earlier
Identifiers: CVE-2010-1423

Synopsis
Sun Java JRE/JDK is prone to an argument injection vulnerability. The issue
is caused by an input validation error in the Java Deployment Toolkit. An
attacker can exploit this vulnerability to compromise a user's system.

The Sun Java Deployment Toolkit is vulnerable to an argument injection
vulnerability. The vulnerability is caused by an input validation error
in the Java Deployment Toolkit, which does not properly validate
arguments supplied via "javaw.exe" before they are passed to a function
call.

A malicious remote attacker could exploit this vulnerability by
persuading a victim to visit a specially crafted Web page that passes
arbitrary command line arguments to javaws, causing it to download and
execute a malicious JAR file. Successful exploitation could allow
execution of arbitrary code on the victim's machine.
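
The missing check described above, shown as an added example that is not Sun's code or part of the original advisory: a launcher that receives a URL from a web page validates it as a single absolute http(s) URL before it is placed on the javaws command line. The function names, the scheme allow-list, the length limit and the sample inputs are assumptions made for illustration.

```python
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}   # assumed policy: remote descriptors only
MAX_LEN = 2048                        # assumed upper bound on URL length
# Characters that can end one argument or begin another once a string is
# joined into a command line, plus backslash (UNC paths, shell escaping).
FORBIDDEN = set(" \t\r\n\"'`\\")


class RejectedLaunch(ValueError):
    """Raised when a page-supplied value must not reach the launcher."""


def validate_launch_url(raw):
    """Return raw unchanged if it is safe to pass as ONE argument, else raise."""
    if not isinstance(raw, str) or not raw or len(raw) > MAX_LEN:
        raise RejectedLaunch("empty, non-string or oversized value")
    if any(ch in FORBIDDEN or ord(ch) < 0x20 or ord(ch) == 0x7F for ch in raw):
        raise RejectedLaunch("whitespace, quote, backslash or control character")
    if raw.startswith("-"):
        raise RejectedLaunch("value would be parsed as an option")
    try:
        parts = urlsplit(raw)
    except ValueError as exc:         # malformed authority, e.g. bad IPv6 literal
        raise RejectedLaunch("unparseable URL") from exc
    if parts.scheme.lower() not in ALLOWED_SCHEMES or not parts.hostname:
        raise RejectedLaunch("not an absolute http(s) URL")
    return raw


def build_argv(launcher, raw_url):
    """Build an argument vector: one list element per argument, never a
    single formatted command string that a parser would split again."""
    return [launcher, validate_launch_url(raw_url)]


# Constructed sample inputs (hypothetical host and option names).
SAMPLES = [
    "http://apps.example.test/tool.jnlp",                # accepted
    "http://apps.example.test/tool.jnlp -extra-option",  # embedded space
    "-extra-option",                                     # option, not a URL
    "file:///C:/tool.jnlp",                              # scheme not allowed
]

if __name__ == "__main__":
    for sample in SAMPLES:
        try:
            print("ALLOW ", build_argv("javaws", sample))
        except RejectedLaunch as why:
            print("REJECT", repr(sample), "->", why)
```
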