CVE-2005-0418
CVSS7.5
发布时间 :2005-05-02 00:00:00
修订时间 :2008-09-05 16:46:14
NMCOS    

[原文]Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. NOTE: it is highly likely that this item will be MERGED with CVE-2005-0836.


[CNNVD]Java Web Start远程代码注入漏洞(CNNVD-200505-631)

        Java Web Start中的漏洞可能允许不可信任的应用程序提升权限,这样,应用程序就可以读写运行Java Web Start用户可以访问的本地文件,或执行该用户可访问的本地应用程序。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:sun:j2se:1.4.2_05::sdk
cpe:/a:sun:j2se:1.4.2::sdk
cpe:/a:sun:j2se:1.4.2_02::sdk
cpe:/a:sun:j2se:1.4.2_01::sdk
cpe:/a:sun:j2se:1.4.2_06::sdk
cpe:/a:sun:j2se:1.4.2_04::sdk
cpe:/a:sun:j2se:1.4.2_03::sdk

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0418
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0418
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200505-631
(官方数据源) CNNVD

- 其它链接及资源

http://lists.apple.com/archives/security-announce/2005/Mar/msg00001.html
(VENDOR_ADVISORY)  APPLE  APPLE-SA-2005-03-24

- 漏洞信息

Java Web Start远程代码注入漏洞
高危 设计错误
2005-05-02 00:00:00 2005-10-25 00:00:00
远程  
        Java Web Start中的漏洞可能允许不可信任的应用程序提升权限,这样,应用程序就可以读写运行Java Web Start用户可以访问的本地文件,或执行该用户可访问的本地应用程序。

- 公告与补丁

        暂无数据

- 漏洞信息

14899
Sun Java Web Start JNLP File Arbitrary Command Execution
Input Manipulation
Loss of Integrity
Vendor Verified

- 漏洞描述

- 时间线

2005-03-16 Unknow
Unknow Unknow

- 解决方案

Products

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Sun Java Web Start System Property Tags Remote Unauthorized Access Vulnerability
Design Error 12847
Yes No
2005-03-18 12:00:00 2007-03-05 08:55:00
Jouko Pynnonen <jouko@iki.fi> is credited with the discovery of this issue.

- 受影响的程序版本

Sun JRE (Solaris Production Release) 1.3.1
Sun JRE (Solaris Production Release) 1.3 _04
Sun JRE (Solaris Production Release) 1.3 _03
Sun JRE (Solaris Production Release) 1.3 _01
Sun JRE (Linux Production Release) 1.3.1 _04
Sun JRE (Linux Production Release) 1.3.1 _01a
Sun Java Web Start 1.2
Sun Java 2 Runtime Environment 1.4.2 _06
Sun Java 2 Runtime Environment 1.4.2 _05
Sun Java 2 Runtime Environment 1.4.2 _04
Sun Java 2 Runtime Environment 1.4.2 _03
+ Oracle Oracle10g Application Server 10.1 .0.2
+ Oracle Oracle10g Application Server 10.1 .0.2
+ Oracle Oracle10g Application Server 10.1 .0.2
+ Oracle Oracle10g Enterprise Edition 10.1 .0.2
+ Oracle Oracle10g Enterprise Edition 10.1 .0.2
+ Oracle Oracle10g Enterprise Edition 10.1 .0.2
+ Oracle Oracle10g Personal Edition 10.1 .0.2
+ Oracle Oracle10g Personal Edition 10.1 .0.2
+ Oracle Oracle10g Personal Edition 10.1 .0.2
+ Oracle Oracle10g Standard Edition 10.1 .0.2
Sun Java 2 Runtime Environment 1.4.2 _02
Sun Java 2 Runtime Environment 1.4.2 _01
Sun Java 2 Runtime Environment 1.4.2
Sun Java 2 Runtime Environment 1.4.1
Sun Java 2 Runtime Environment 1.3.1 _08
Sun Java 2 Runtime Environment 1.3.1 _01
Sun Java 2 Runtime Environment 1.3 _05
Sun Java 2 Runtime Environment 1.3 _02
Sun Java 2 Runtime Environment 1.3
S.u.S.E. Open-Enterprise-Server 9.0
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Novell Linux Desktop 1.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Professional 9.0 x86_64
S.u.S.E. Linux Professional 9.0
S.u.S.E. Linux Professional 8.2
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux Enterprise Server for S/390 9.0
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Desktop 1.0
Novell Linux Desktop 9
Gentoo Linux
Conectiva Linux 10.0
Apple Mac OS X Server 10.3.8
Apple Mac OS X Server 10.3.7
Apple Mac OS X Server 10.3.6
Apple Mac OS X Server 10.3.5
Apple Mac OS X Server 10.3.4
Apple Mac OS X Server 10.3.3
Apple Mac OS X Server 10.3.2
Apple Mac OS X Server 10.3.1
Apple Mac OS X Server 10.3
Apple Mac OS X Server 10.2.8
Apple Mac OS X Server 10.2.7
Apple Mac OS X Server 10.2.6
Apple Mac OS X Server 10.2.5
Apple Mac OS X Server 10.2.4
Apple Mac OS X Server 10.2.3
Apple Mac OS X Server 10.2.2
Apple Mac OS X Server 10.2.1
Apple Mac OS X Server 10.2
Apple Mac OS X Server 10.1.5
Apple Mac OS X Server 10.1.4
Apple Mac OS X Server 10.1.3
Apple Mac OS X Server 10.1.2
Apple Mac OS X Server 10.1.1
Apple Mac OS X Server 10.1
Apple Mac OS X Server 10.0
Apple Mac OS X 10.3.8
Apple Mac OS X 10.3.7
Apple Mac OS X 10.3.6
Apple Mac OS X 10.3.5
Apple Mac OS X 10.3.4
Apple Mac OS X 10.3.3
Apple Mac OS X 10.3.2
Apple Mac OS X 10.3.1
Apple Mac OS X 10.3
Apple Mac OS X 10.2.8
Apple Mac OS X 10.2.7
Apple Mac OS X 10.2.6
Apple Mac OS X 10.2.5
Apple Mac OS X 10.2.4
Apple Mac OS X 10.2.3
Apple Mac OS X 10.2.2
Apple Mac OS X 10.2.1
Apple Mac OS X 10.2
Apple Mac OS X 10.1.5
Apple Mac OS X 10.1.4
Apple Mac OS X 10.1.3
Apple Mac OS X 10.1.2
Apple Mac OS X 10.1.1
Apple Mac OS X 10.1
Apple Mac OS X 10.1
Apple Mac OS X 10.0.4
Apple Mac OS X 10.0.3
Apple Mac OS X 10.0.2
Apple Mac OS X 10.0.1
Apple Mac OS X 10.0 3
Apple Mac OS X 10.0
Sun JRE (Linux Production Release) 1.4.2 _07
Sun Java Web Start 1.0.1 _02
+ Sun Java 2 Standard Edition SDK 1.4
Sun Java Web Start 1.0.1 _01
+ Sun SDK (Linux Production Release) 1.3
Sun Java Web Start 1.0.1
+ Sun SDK (Linux Production Release) 1.3
Sun Java Web Start 1.0
+ Sun SDK (Linux Production Release) 1.3
Sun Java 2 Runtime Environment 1.5

- 不受影响的程序版本

Sun JRE (Linux Production Release) 1.4.2 _07
Sun Java Web Start 1.0.1 _02
+ Sun Java 2 Standard Edition SDK 1.4
Sun Java Web Start 1.0.1 _01
+ Sun SDK (Linux Production Release) 1.3
Sun Java Web Start 1.0.1
+ Sun SDK (Linux Production Release) 1.3
Sun Java Web Start 1.0
+ Sun SDK (Linux Production Release) 1.3
Sun Java 2 Runtime Environment 1.5

- 漏洞讨论

A remote unauthorized-access vulnerability affects Java Web Start because the application fails to properly validate user-supplied input before considering it trusted.

An attacker may leverage this issue to gain unauthorized read/write access to affected computers. Other attacks may also be possible. Note that unauthorized access granted in this way will be with the privileges of the unsuspecting user that visits a malicious website.

Reports from Harry Johnston indicate the OraClient 10g component of Oracle Database Server 10g incorporates a vulnerable version of the Java Runtime Environment and is therefore vulnerable to this issue.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:vuldb@securityfocus.com.

- 解决方案

The vendor has released Sun Alert ID: 57740 along with upgrades dealing with this issue. Please see the referenced advisories for more information.


Sun Java 2 Runtime Environment 1.3 _05

Sun JRE (Solaris Production Release) 1.3 _03

Sun JRE (Solaris Production Release) 1.3 _04

Sun JRE (Solaris Production Release) 1.3 _01

Sun JRE (Solaris Production Release) 1.3.1

Sun Java 2 Runtime Environment 1.3.1 _08

Sun JRE (Linux Production Release) 1.3.1 _04

Sun JRE (Linux Production Release) 1.3.1 _01a

Sun Java 2 Runtime Environment 1.3.1 _01

Sun Java 2 Runtime Environment 1.4.1

Sun Java 2 Runtime Environment 1.4.2 _03

Sun Java 2 Runtime Environment 1.4.2

Sun Java 2 Runtime Environment 1.4.2 _02

Sun Java 2 Runtime Environment 1.4.2 _04

Apple Mac OS X Server 10.3.4

Apple Mac OS X 10.3.4

Apple Mac OS X Server 10.3.5

Apple Mac OS X 10.3.5

Apple Mac OS X Server 10.3.6

Apple Mac OS X 10.3.6

Apple Mac OS X Server 10.3.7

Apple Mac OS X 10.3.8

Apple Mac OS X Server 10.3.8

S.u.S.E. Linux Personal 9.0

S.u.S.E. Linux Professional 9.0

S.u.S.E. Linux Professional 9.0 x86_64

S.u.S.E. Linux Personal 9.0 x86_64

S.u.S.E. Linux Professional 9.1 x86_64

S.u.S.E. Linux Professional 9.1

S.u.S.E. Linux Personal 9.1 x86_64

S.u.S.E. Linux Professional 9.2 x86_64

S.u.S.E. Linux Personal 9.2 x86_64

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站