Sun Java Web Start JNLP File Handling Overflow (102996)

Severity: High, Nessus Plugin ID: 25693

Synopsis

The remote Windows host has an application that may be prone to a buffer overflow attack.

Description

There is reportedly a buffer overflow in the Java Web Start utility distributed with the version of Sun Java Runtime Environment (JRE) installed on the remote host. If an attacker can convince a user on the affected host to open a specially crafted JNLP file, arbitrary code could be executed subject to the user's privileges.

Solution

Upgrade to Sun Java JDK and JRE 6 Update 2 / JDK and JRE 5.0 Update 12 or later and remove, if necessary, any affected versions.

See Also

https://www.beyondtrust.com/resources/blog/research/

https://www.securityfocus.com/archive/1/473224/30/0/threaded

https://www.securityfocus.com/archive/1/473356/30/0/threaded

http://www.nessus.org/u?7eec761c

Plugin Details

Severity: High

ID: 25693

File Name: sun_java_webstart_jnlp_overflow.nasl

Version: 1.31

Type: local

Agent: windows

Family: Windows

Published: 7/10/2007

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:oracle:jre

Required KB Items: SMB/Java/JRE/Installed

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/9/2007

Vulnerability Publication Date: 7/10/2007

Exploitable With

Core Impact

Reference Information

CVE: CVE-2007-3655

BID: 24832

CWE: 119