Microsoft VM ByteCode Verifier improper validation of code

msvm-bytecode-improper-validation (11751) Risk level: High

Description:

Microsoft Virtual Machine (VM) could allow a remote attacker to execute arbitrary code on the system, caused by a vulnerability in the Bytecode Verifier code analysis mechanism, which fails to properly validate code when a Java applet is being loaded. If a remote attacker creates a Java Applet that contains an invalid sequence of byte codes, the attacker could then host the malicious Java Applet on a Web site or send it to a potential victim within an HTML email.

Consequences:

Gain Access

Remedy:

Upgrade to the latest version of Microsoft VM (build 5.0.3810 or later), as listed in Microsoft Security Bulletin MS03-011. See References.

References:

  • CIAC Information Bulletin N-074: Microsoft Virtual Machine (VM) Vulnerability.
  • Microsoft Security Bulletin MS03-011: Flaw in Microsoft VM Could Enable System Compromise (816093).
  • CVE-2003-0111: The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka Flaw in Microsoft VM Could Enable System Compromise.
  • US-CERT VU#447569: Microsoft Windows Virtual Machine (VM) ByteCode Verifier fails to properly check Java applets for malicious code

Platforms Affected:

  • Microsoft Internet Explorer
  • Microsoft Java Virtual Machine 5.0.3809

Reported:

Apr 09, 2003

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net