HTTP: Oracle Java SE BasicServiceImpl Sandbox Bypass

This signature detects attempts to exploit a known vulnerability against Oracle Java SE. A successful attack can lead to bypass of java sandbox.

Extended Description

Oracle Java SE and Java for Business are prone to a remote vulnerability in Java Web Start 'BasicServiceImpl'. The vulnerability can be exploited to escape the Java sandbox and run arbitrary code in the context of the Java Runtime. This vulnerability affects the following supported versions: 6 Update 21

Affected Products

Red_hat enterprise_linux_as_extras

References

BugTraq: 43999

CVE: CVE-2010-3563

Short Name
HTTP:STC:JAVA:BASICSERVICEIMPL
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
BasicServiceImpl Bypass CVE-2010-3563 Java Oracle SE Sandbox bid:43999
Release Date
01/10/2012
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3375
False Positive
Unknown
Vendors

Red_hat

Suse

Gentoo

Sun

Hp

Avaya

Vmware

CVSS Score

10.0

Found a potential security threat?