HTTP: Oracle Java Soundbank Resource Name Stack Buffer Overflow
This signature detects attempts to exploit a known stack buffer overflow vulnerability in the Oracle Java Runtime. The vulnerability is caused by a sign-extension error when parsing the length of a resource name in a Soundbank file. A remote unauthenticated attacker can exploit it by enticing a target user to open a malicious Java applet with a vulnerable application. In a successful attack, where arbitrary code is injected and executed on the target host, the behavior of the target system depends on the malicious code. Note that any code executed by the attacker runs with the privileges of the logged-in user. In an unsuccessful attack, the application terminates abnormally.
Extended Description
Oracle Java SE and Java for Business are prone to a remote vulnerability in Sound. The vulnerability can be exploited over multiple protocols. An attacker does not require privileges to exploit this vulnerability. This vulnerability affects the following supported versions: 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27.
Affected Products
Sun sdk_(windows_production_release)
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Red_hat
Suse
Gentoo
Sun
Hp
Avaya
Pardus
Oracle
Vmware
7.5