Sun JMX in JRE allows elevated privileges

sun-jmx-elevate-privileges (23252) The risk level is classified as High Risk

Description:

Sun Microsystems Java Management Extensions implementation in Java Runtime Environment (JRE) and Java Development Kit (JDK) could allow a remote attacker to gain elevated privileges. A remote attacker could create an untrusted applet, which could then be used to gain elevated privileges and read or write local files or execute arbitrary applications on the system.
Consequences:

Gain Privileges

Remedy:

Upgrade to the latest version of Sun JDK and JRE (5.0 Update 4 or later), available from Sun Alert ID: 102017. See References.

References:

  • Sun Alert ID: 102017: Security Vulnerability With Java Management Extensions in the Java Runtime Environment may Allow Untrusted Applet to Elevate Privileges.
  • BID-15615: Sun Java Runtime Environment Multiple Privilege Escalation Vulnerabilities
  • CVE-2005-3904: Unspecified vulnerability in Java Management Extensions (JMX) in Java JDK and JRE 5.0 Update 3, 1.4.2 and later, 1.3.1 and later allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors.
  • SA17748: Sun Java JRE Sandbox Security Bypass Vulnerabilities
  • SA18092: IBM Java SDK JRE Sandbox Security Bypass Vulnerabilities
  • SECTRACK ID: 1015281: Sun Java Runtime Environment (JRE) JMX Bug Lets Applets Gain Elevated Privileges
  • SUSE-SR:2006:001: SUSE Security Summary Report
  • US-CERT VU#931684: Sun Java Management Extensions privilege escalation vulnerability
  • VUPEN/ADV-2005-2636: Sun Java JRE and SDK Multiple Sandbox Security Bypass Vulnerabilities
  • VUPEN/ADV-2005-2675: Apple Mac OS X Security Update Fixes Multiple J2SE Vulnerabilities
  • VUPEN/ADV-2005-2946: IBM Java SDK Multiple Sandbox Security Bypass Vulnerabilities

Platforms Affected:

  • Sun J2RE 1.3.0
  • Sun J2RE 1.3.0_01
  • Sun J2RE 1.3.0_02
  • Sun J2RE 1.3.0_03
  • Sun J2RE 1.3.0_04
  • Sun J2RE 1.3.0_05
  • Sun J2RE 1.3.1
  • Sun J2RE 1.3.1_01
  • Sun J2RE 1.3.1_01a
  • Sun J2RE 1.3.1_04
  • Sun J2RE 1.3.1_08
  • Sun J2RE 1.3.1_15
  • Sun J2RE 1.4.1
  • Sun J2RE 1.4.2
  • Sun J2RE 1.4.2_01
  • Sun J2RE 1.4.2_02
  • Sun J2RE 1.4.2_03
  • Sun J2RE 1.4.2_04
  • Sun J2RE 1.4.2_05
  • Sun J2RE 1.4.2_06
  • Sun J2RE 1.4.2_07
  • Sun J2RE 1.4.2_08
  • Sun J2RE 1.4.2_09
  • Sun J2RE 1.5
  • Sun J2RE 1.5.0_01
  • Sun J2RE 1.5.0_02
  • Sun J2RE 1.5.0_03
  • Sun JDK 1.5.0 Update3
  • Sun JRE 1.5.0 Update3

Reported:

Nov 28, 2005

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net