X

The Third Party Vulnerability Resolution Blog covers CVEs and patches in Systems product suite.

Sun Alert 244990 A Buffer Overflow Vulnerability in the Java Runtime Environment (JRE) May Allow Privileges to be Escalated

Guest Author
Product: Sun Java Standard Edition (Java SE)

A buffer overflow vulnerability in the Java Runtime Environment (JRE) may allowan untrusted Java application that is launched through the command lineto escalate privileges. For example, the untrusted Java application maygrant itself permissions to read and write local files or execute localapplications that are accessible to the user running the untrusted Javaapplication.

This vulnerability cannot be exploited by an applet or Java Web Startapplication.

Sun acknowledges with thanks, Stefan Middendorf from Cirosec for bringing this issueto our attention.
Additional information on this issue can be found at:
http://www.ximido.de/research/advisories/SM_Java-BO_200811.txt

State: Resolved
First released: 03-Dec-2008

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.