Vulnerability Note VU#507652
Oracle Sun Java fails to properly validate Java applet signatures
Oracle Sun Java fails to properly validate Java applet signatures, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
Signed Java applets have the ability to perform actions outside of the traditional Java sandbox, including local filesystem access or the ability to execute native code. When a user encounters a signed Java applet in a web page, the JRE will provide a dialog asking the user if they wish to run the application. The default for this dialog is "Always trust content from this publisher." This means that once a signed Java applet is executed, all applets that are determined to be signed by that vendor will execute without requiring any user interaction. Please see the CERT Vulnerability Analysis Blog for more details.
Oracle Sun Java contains a critical flaw in the validation of Java applet signatures. This vulnerability can allow an attacker to modify the contents of a signed Java applet without breaking the signature. The Oracle Critical Patch Update lists the following versions as being affected:
By convincing a user to execute a signed Java applet, e.g. by visiting a website, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system.
Apply an update
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Oracle Corporation||Affected||-||02 Apr 2010|
|Sun Microsystems, Inc.||Affected||22 Oct 2008||02 Apr 2010|
CVSS Metrics (Learn More)
Thanks to Brian Bjerre Graversen of Signaturgruppen for reporting this vulnerability.
This document was written by Will Dormann.
- CVE IDs: CVE-2010-0087
- Date Public: 30 Mar 2010
- Date First Published: 02 Apr 2010
- Date Last Updated: 02 Apr 2010
- Severity Metric: 27.34
- Document Revision: 7
If you have feedback, comments, or additional information about this vulnerability, please send us email.