| |
| Threat Type: | Unintended Weakness: Arbitrary Code Execution |
|
| IntelliShield ID: | 17203 |
| Version: | 14 |
| First Published: | 2008 December 08 17:45 GMT |
| Last Published: | 2010 February 10 19:35 GMT |
| Vector: | Network |
| Authentication: | None |
| Exploit: | Functional |
| Port: |
Not Available
|
| CVE: | CVE-2008-5353 |
| BugTraq ID: | 32608 |
|
| Urgency: |
Possible Use
|  |
| Credibility: |
Confirmed
|  |
| Severity: |
Moderate Damage
|  |
| CVSS Base: | 9.3 |
CVSS Calculator
CVSS Version 2
|
| CVSS Temporal: | 7.7 |
|
|
| |
| Version Summary: | HP has released an additional security bulletin and updated software to address the Java Runtime Environment malformed calendar object processing applet privilege escalation vulnerability. |
| |
| |
| Description |
|
HP, IBM, and Sun Java products contain a vulnerability that could allow an unauthenticated, remote attacker to perform actions with elevated privileges.
The vulnerability is due to an error that may occur when the vulnerable products handle Java applets. An unauthenticated, remote attacker could exploit the vulnerability by convincing a user to visit a website that loads a malicious applet on the user's system. The malicious applet could allow the attacker to execute arbitrary commands with the privileges of the user who is running the web browser.
Functional code that exploits this vulnerability is publicly available.
HP, IBM, and Sun confirmed the vulnerability and released updated software. |
| |
| Warning Indicators |
|
The following Java products are vulnerable:
IBM JDK 1.4.2 SR12 and prior
IBM JDK 5.0 SR8a and prior
IBM JDK 6.0 SR2 and prior
Sun JRE 6 Update 10 and prior
Sun JDK 6 Update 10 and prior
Sun JRE 5.0 Update 16 and prior
Sun JDK 5.0 Update 16 and prior
Sun SDK 1.4.2_18 and prior
Sun JRE 1.4.2_18 and prior
HP JDK and JRE 6.0.02 and prior
HP JDK and JRE 5.0.14 and prior
HP SDK and JRE 1.4.2.20 and prior |
| |
| IntelliShield Analysis |
|
Code execution will take place with the privileges of the user who is logged in. On platforms that grant users administrative privileges, such as certain versions of Microsoft Windows, an unauthenticated, remote attacker may be able to take control of the targeted systems. However, the attacker will gain the privileges of the current user on systems that restrict user privileges. |
| |
 Vendor Announcements |
|
HP has released security bulletin c01683026 at the following link: HPSBUX02411 SSRT080111. HP has released security bulletin c02000725 for registered users at the following link: HPSBMA02486 SSRT090049
IBM has released a security alert at the following link: CVE-2008-5353
Sun has released an alert notification at the following link: 244990
Apple has released security updates at the following links: Java for Mac OS X 10.5 Update 4 and Java for Mac OS X 10.4 Release 9
Novell has released security announcements at the following links: SUSE-SA:2009:001 and SUSE-SA:2009:007
Oracle has released a security advisory at the following link: Oracle Critical Patch Update April 2009
Red Hat has released security advisories at the following links: RHSA-2008:1018, RHSA-2008:1025, RHSA-2009:0015, RHSA-2009:0016, RHSA-2009-0445 and RHSA-2009-0466
VMware has re-released a security advisory at the following link: VMSA-2009-0014.1 |
|
|
| Signatures |
| |
|
|
| |
| Alert History |
| |
Version 13, January 6, 2010, 8:43 AM: Functional code that exploits the Java Runtime Environment malformed calendar object processing applet privilege escalation vulnerability is publicly available.
Version 12, November 23, 2009, 9:47 AM: VMware has re-released a security advisory and updated software to address the Java Runtime Environment malformed calendar object processing applet privilege escalation vulnerability.
Version 11, October 20, 2009, 12:13 PM: VMware has released a security advisory and updated software to address the Java Runtime Environment malformed calendar object processing applet privilege escalation vulnerability.
Version 10, June 22, 2009, 4:28 PM: Apple has released security updates and updated software to address the Java Runtime Environment malformed calendar object processing applet privilege escalation vulnerability.
Version 9, May 22, 2009, 10:10 AM: Proof-of-concept code and additional technical details are available for the Java Runtime Environment malformed calendar object processing applet privilege escalation vulnerability.
Version 8, May 12, 2009, 11:55 AM: Red Hat has released an additional security bulletin and updated packages to address the Java Runtime Environment malformed calendar object processing applet privilege escalation vulnerability.
Version 7, April 30, 2009, 12:38 PM: Red Hat has released a security bulletin and updated packages to address the Java Runtime Environment malformed calendar object processing applet privilege escalation vulnerability.
Version 6, April 15, 2009, 10:42 AM: Oracle has released a security bulletin and updated software to address the Java Environment malformed calendar object processing applet privilege escalation vulnerability. Version 5, March 11, 2009, 2:40 PM: HP has released a security bulletin and updated software to address the Java Environment malformed calendar object processing applet privilege escalation vulnerability.
Version 4, January 30, 2009, 2:09 PM: Novell has released a security announcement and updated packages to address the Java Environment malformed calendar object processing applet privilege escalation vulnerability in IBM.
Version 3, January 15, 2009, 12:39 PM: IBM and Red Hat have released security advisories and updates to address the Java Environment malformed calendar object processing applet privilege escalation vulnerability.
Version 2, January 12, 2009, 8:17 AM: Novell has released a security announcement and updated packages to address the Sun Java Environment malformed calendar object processing applet privilege escalation vulnerability.
Version 1, December 8, 2008, 12:45 PM: Sun Java Runtime Environment contains a vulnerability that could allow an unauthenticated, remote attacker to perform actions with elevated privileges. Updated software is available. |
|
Product Sets |
| |
The security vulnerability applies to the following combinations of products.
| Primary Products: |
| HP | HP Java Development Kit (JDK) | 5.0.0 Base, Update 1, Update 10, Update 11, Update 12, Update 13, Update 14, Update 2, Update 3, Update 4, Update 5, Update 6, Update 7, Update 8, Update 9 | 6.0 .00, .01, .02 |
| HP | HP Java Runtime Environment (JRE) | 1.4.2 .00, .01, .02, .03, .04, .05, .06, .07, .08, .09, .10, .11, .12, .13, .14, .15, .16, .17, .18, .19, .20 | 5.0.0 Base, Update 1, Update 10, Update 11, Update 12, Update 13, Update 14, Update 2, Update 3, Update 4, Update 5, Update 6, Update 7, Update 8, Update 9 | 6.0 .00, .01, .02 |
| HP | HP Java Software Development Kit (SDK) | 1.4.2 .00, .01, .02, .03, .04, .05, .06, .07, .08, .09, .10, .11, .12, .13, .14, .15, .16, .17, .18, .19, .20 |
| IBM | Java Development Kit (JDK) | 1.4 .1, .2, .2 SR1, .2 SR10, .2 SR11, .2 SR2, .2 SR3, .2 SR4, .2 SR5, .2 SR6, .2 SR7, .2 SR8, .2 SR9, Base | 5.0 Base, SR1, SR2, SR3, SR4, SR5, SR5a, SR6, SR7, SR8, SR8a | 6.0 Base, SR1, SR2 |
| Sun Microsystems, Inc. | Java Development Kit (JDK) | 5.0.0 Base, Update 1, Update 10, Update 11, Update 12, Update 13, Update 14, Update 15, Update 16, Update 2, Update 3, Update 4, Update 5, Update 6, Update 7, Update 8, Update 9 | 6.0.0 Base, Update 1, Update 10, Update 2, Update 3, Update 4, Update 5, Update 6, Update 7 |
| Sun Microsystems, Inc. | Java Runtime Environment (JRE) | 5.0.0 Base, Update 1, Update 10, Update 11, Update 12, Update 13, Update 14, Update 15, Update 16, Update 2, Update 3, Update 4, Update 5, Update 6, Update 7, Update 8, Update 9 | 6.0 Base, Update 1, Update 10, Update 2, Update 3, Update 4, Update 5, Update 6, Update 7 |
| Sun Microsystems, Inc. | Java Software Development Kit (SDK) | 1.4.2 Base, _01, _02, _03, _04, _05, _06, _07, _08, _09, _10, _11, _12, _13, _14, _15, _16, _17, _18 |
| Associated Products: |
| Apple | Mac OS X | 10.4.0 Base | 10.4.1 Base | 10.4.10 Intel, PPC | 10.4.11 Intel, PPC | 10.4.2 Base | 10.4.3 Base | 10.4.4 Intel, PPC | 10.4.5 Intel, PPC | 10.4.6 Intel, PPC | 10.4.7 Intel, PPC | 10.4.8 Intel, PPC | 10.4.9 Intel, PPC | 10.5 Intel, PPC | 10.5.1 Intel, PPC | 10.5.2 Intel, PPC | 10.5.3 Intel, PPC | 10.5.4 Intel, PPC | 10.5.5 Intel, PPC | 10.5.6 Intel, PPC | 10.5.7 Intel, PPC |
| Apple | Mac OS X Server | 10.4.0 Base | 10.4.1 Base | 10.4.10 Intel, PPC | 10.4.11 Intel, PPC | 10.4.2 Base | 10.4.3 Base | 10.4.4 Base | 10.4.5 Base | 10.4.6 Base | 10.4.7 Intel, PPC | 10.4.8 Intel, PPC | 10.4.9 Intel, PPC | 10.5 Intel, PPC | 10.5.1 Intel, PPC | 10.5.2 Intel, PPC | 10.5.3 Intel, PPC | 10.5.4 Intel, PPC | 10.5.5 Intel, PPC | 10.5.6 Intel, PPC | 10.5.7 Intel, PPC |
| HP | HP OpenView Network Node Manager (NNM) | 7.51 Base | 7.53 Base |
| HP | HP-UX | 11.11/11i Base | 11.23 Base | 11.31 Base |
| Novell, Inc. | Novell Linux Desktop | 9 x86, x86_64 |
| Novell, Inc. | Novell Linux POS | 9 Base |
| Novell, Inc. | Novell Open Enterprise Server | 1 i386 | 2 x86, x86-64 |
| Oracle Corporation | WebLogic JRockit 6 JDK | 1.4 .0, .1, .1_01, .1_02, .1_03, .1_04, .1_05, .1_06, .1_07, .2, .2_01, .2_02, .2_03, .2_04, .2_05, .2_06, .2_07, .2_08, .2_09, .2_10, .2_11, .2_12, .2_13, .2_14, .2_15, .2_16, .2_17, .2_18 | 5.0 .0, .0_01, .0_02, .0_03, .0_04, .0_05, .0_06, .0_07, .0_08, .0_09, .0_10, .0_11, .0_12, .0_13, .0_14, .0_15, .0_16, Base | 6.0 .0_01, .0_02, .0_03, .0_04, .0_05, .0_06, .0_07, .0_08, .0_09, .0_10, Base |
| Red Hat, Inc. | Red Hat Enterprise Linux Desktop Supplementary | 5.0 IA-32, x86-64 |
| Red Hat, Inc. | Red Hat Enterprise Linux Extras | 3 IA-32, IA-64, PPC, s390, s390x, x86_64 | 4 IA-32, IA-64, PPC, s390, s390x, x86_64 |
| Red Hat, Inc. | Red Hat Network Satellite | 5.2 Base |
| Red Hat, Inc. | RHEL Supplementary | 5 IA-32, IA-64, PPC, PPC64, S390, S390x, x86_64 |
| SUSE | SUSE Linux Enterprise Desktop (SLED) | 10 SP2 EM64T, SP2 amd64, SP2 x86 |
| SUSE | SuSE Linux Enterprise Server | 10 SP2 AMD64, SP2 EM64T, SP2 Itanium (IPF), SP2 PPC, SP2 x86, SP2 zSeries 64bit | 9 IBM Power, IPF (itanium), iSeries, pSeries, s/390, x86, x86-64 (amd64, em64t), zSeries, zSeries 64bit |
| VMware, Inc. | VirtualCenter | 2.0.2 Base, Update 1, Update 2, Update 3, Update 4, Update 5 | 2.5 Base, Update 1, Update 2, Update 3 | 4.0 Base |
| VMware, Inc. | VMware ESX Server | 3.0 .1, .2, .3, Base | 3.5 Base, Update 1, Update 2, Update 3, Update 4 | 4.0 Base |
| VMware, Inc. | VMware Server | 2.0 .0, .1 |
|
|
LEGAL DISCLAIMER
The urgency and severity ratings of this alert are not tailored to individual users; users may value alerts differently based upon their network configurations and circumstances. THE ALERT, AND INFORMATION CONTAINED THEREIN, ARE PROVIDED ON AN "AS IS" BASIS AND DO NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE ALERT, AND INFORMATION CONTAINED THEREIN, OR MATERIALS LINKED FROM THE ALERT, IS AT YOUR OWN RISK. INFORMATION IN THIS ALERT AND ANY RELATED COMMUNICATIONS IS BASED ON OUR KNOWLEDGE AT THE TIME OF PUBLICATION AND IS SUBJECT TO CHANGE WITHOUT NOTICE. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE ALERTS AT ANY TIME. |
|
|
