----------------------------------------------------------------------

Do you have a VARM strategy implemented?
(Vulnerability Assessment Remediation Management)

If not, then implement it through the most reliable vulnerability
intelligence source on the market. Implement it through Secunia.

For more information visit:
http://secunia.com/advisories/business_solutions/

Alternatively, request a call from a Secunia representative today to
discuss how we can help you with our capabilities. Contact us at:
sales@secunia.com

----------------------------------------------------------------------

TITLE:
Sun Java JDK / JRE Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA36159

VERIFY ADVISORY:
http://secunia.com/advisories/36159/

DESCRIPTION:
Some vulnerabilities have been reported in Sun Java, which can be
exploited by malicious people to disclose sensitive information, bypass
certain security restrictions, or compromise a user's system.

1) An error in the JRE SOCKS proxy implementation can be exploited by
untrusted applets or untrusted Java Web Start applications to obtain
the username of the user running the applet or application.

2) An error in the JRE proxy mechanism implementation can be exploited
by untrusted applets or untrusted Java Web Start applications to obtain
browser cookies.

3) An error in the JRE proxy mechanism implementation can be exploited
by untrusted applets or untrusted Java Web Start applications to
establish connections to normally restricted hosts.

4) An error in the Microsoft Visual Studio Active Template Library (ATL)
used by the Java Web Start ActiveX control can be exploited to execute
arbitrary code when a user visits a specially crafted web page.

For more information:
SA35967

5) An integer overflow error in the JRE when unpacking applets and Java
Web Start applications using the "unpack200" JAR unpacking utility can
be exploited to potentially execute arbitrary code.

6) An integer overflow error in the JRE when parsing JPEG images can be
exploited to potentially execute arbitrary code via a specially crafted
Java Web Start application.

7) An error in the JRE audio system can be exploited by an untrusted
applet or Java Web Start application to access "java.lang.System"
properties.

8) An error in an old version of the JNLPAppletLauncher class can be
exploited to write arbitrary files to a user's system via a specially
crafted untrusted applet.

Please see the vendor advisories for details on affected products and
versions.

SOLUTION:
Update to a fixed version.

JDK and JRE 6 Update 15:
http://java.sun.com/javase/downloads/index.jsp

JDK and JRE 5.0 Update 20:
http://java.sun.com/javase/downloads/index_jdk5.jsp

Java SE for Business SDK and JRE 1.4.2_22:
http://www.sun.com/software/javaseforbusiness/getit_download.jsp

PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
1, 2) Gregory Fleischer
5) iDefense and an anonymous researcher via ZDI
6) an anonymous researcher, reported via ZDI
7) Sami Koivu
8) John Heasman

ORIGINAL ADVISORY:
Sun Microsystems:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263409-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-264648-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263488-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263428-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263408-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263490-1

OTHER REFERENCES:
SA35967:
http://secunia.com/advisories/35967/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------
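The SOLUTION section gives three fixed versions (6 Update 15, 5.0 Update 20 and 1.4.2_22), which `java -version` reports as "1.6.0_15", "1.5.0_20" and "1.4.2_22". The remediation check below is an added example written for this page, not Secunia's or Sun's code: it parses `java -version` output collected from hosts and classifies each installation against the advisory's minimum fixed version for its Java family. The host names and version outputs in `SAMPLE_OUTPUTS` are constructed for the example; the `check_local` helper is an assumption about how one would feed a live host into the same logic.

```python
import re
import subprocess

# Minimum fixed versions from the advisory's SOLUTION section, keyed by Java
# family. Update numbers are compared as integers so "1.6.0_7" < "1.6.0_15".
FIXED_VERSIONS = {
    "1.6": (1, 6, 0, 15),   # JDK and JRE 6 Update 15
    "1.5": (1, 5, 0, 20),   # JDK and JRE 5.0 Update 20
    "1.4": (1, 4, 2, 22),   # Java SE for Business SDK and JRE 1.4.2_22
}

# `java -version` prints e.g.: java version "1.6.0_14"
VERSION_RE = re.compile(r'version "(\d+)\.(\d+)\.(\d+)(?:_(\d+))?')


def parse_java_version(output):
    """Return (major, minor, micro, update) parsed from `java -version` text,
    or None when no version string is present. A missing update is 0."""
    m = VERSION_RE.search(output)
    if not m:
        return None
    major, minor, micro, update = m.groups()
    return (int(major), int(minor), int(micro), int(update or 0))


def render(version):
    """Format a version tuple the way `java -version` prints it (1.6.0_07)."""
    return "%d.%d.%d_%02d" % version


def assess(output):
    """Classify one `java -version` output against the advisory.

    Returns (status, detail) where status is "fixed", "vulnerable",
    "unsupported-family" (a family the advisory does not list) or
    "unparsed" (no version string found)."""
    version = parse_java_version(output)
    if version is None:
        return ("unparsed", "no version string found")
    family = "%d.%d" % version[:2]
    fixed = FIXED_VERSIONS.get(family)
    if fixed is None:
        return ("unsupported-family", family + " not covered by this advisory")
    if version >= fixed:
        return ("fixed", render(version))
    return ("vulnerable", render(version) + " < " + render(fixed))


# Constructed sample inventory: host name -> captured `java -version` output.
SAMPLE_OUTPUTS = {
    "host-a": 'java version "1.6.0_14"\nJava(TM) SE Runtime Environment (build 1.6.0_14-b08)\n',
    "host-b": 'java version "1.6.0_15"\nJava(TM) SE Runtime Environment (build 1.6.0_15-b03)\n',
    "host-c": 'java version "1.5.0_19"\n',
    "host-d": 'java version "1.4.2_22"\n',
    "host-e": 'java version "1.3.1_20"\n',
    "host-f": 'bash: java: command not found\n',
}


def assess_inventory(outputs):
    """Map each host to its (status, detail) so results can be reported."""
    return {host: assess(text) for host, text in outputs.items()}


def check_local():
    """Assumed helper: run `java -version` on this machine (it writes to
    stderr) and classify the result. Returns ("unparsed", ...) if no JVM."""
    try:
        proc = subprocess.run(["java", "-version"], capture_output=True, text=True)
    except OSError:
        return ("unparsed", "java binary not found")
    return assess(proc.stderr + proc.stdout)


if __name__ == "__main__":
    for host, (status, detail) in sorted(assess_inventory(SAMPLE_OUTPUTS).items()):
        print("%-8s %-18s %s" % (host, status, detail))
```

Only the four-field version tuple is compared, so a host reporting a later family the advisory does not cover is flagged as "unsupported-family" rather than silently marked fixed; treat those hosts as needing a separate check against the vendor's own affected-versions list.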