HTTP: Sun JRE isInstalled.dnsResolve Function Memory Exception
This signature detects attempts to exploit a known design weakness vulnerability in the way Sun Java Web Start ActiveX control handles user supplied data. Specifically, it is due to improper validation of user supplied data in the isInstalled.dnsResolve ActiveX control method. A remote attacker can exploit this by enticing the target user to open a malicious Web page, which if successful, causes the browser to terminate abnormally and create a denial-of service condition.
Extended Description
Sun Java Web Start ActiveX control is prone to a buffer-overflow vulnerability because it fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions. The version of Sun Java Web Start included with Sun JRE 1.6.0 is vulnerable to this issue; other versions may also be affected.
Affected Products
Sun java_web_start
Short Name
HTTP:STC:ACTIVEX:JRE-DNSRESOLVE
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2007-5019 Exception Function JRE Memory Sun bid:25734 isInstalled.dnsResolve
Release Date
10/15/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Sun
CVSS Score
10.0