APP: Oracle Java Applet Rhino Script Engine Policy Bypass
This signature detects attempts to exploit a policy bypass vulnerability in the Oracle Java Rhino Script engine. This issue can be used with a Java Applet to execute Java code outside of the sandbox. The vulnerability is caused by insufficient restrictions of certain instances of the error object. An attacker can exploit this vulnerability by enticing a user with sufficient privileges to open a webpage containing a Java Applet and Javascript code running the Rhino script engine. Successful exploitation can result in the execution of arbitrary Java code with full privileges of the currently logged in user.
Extended Description
Oracle Java SE is prone to a remote code-execution vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. This issue affects the 'Scripting' sub-component. This vulnerability affects the following supported versions: JDK and JRE 7, 6 Update 27
Affected Products
Xerox freeflow_print_server_(ffps),Avaya aura_sip_enablement_services
Short Name
APP:ORACLE:RHINOSCRIPT-BYPASS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Applet Bypass CVE-2011-3544 Engine Java Oracle Policy Rhino Script bid:50218
Release Date
12/09/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Red_hat
Suse
Apple
Gentoo
Hp
Sun
Openjdk
Avaya
Panda
Oracle
Ubuntu
Mandriva
Xerox
Debian
Vmware
Ibm
CVSS Score
10.0