ronjor
December 4th, 2008, 09:19 AM
-{ Quote: "Critical: Highly critical
Impact: Security Bypass
Exposure of system information
Exposure of sensitive information
DoS
System access
Where: From remote
Solution Status: Vendor Patch " }-Secunia (http://secunia.com/Advisories/32991/)
Rmus
December 5th, 2008, 11:05 AM
From some of the references in the article about the various exploits:
-{ Quote: "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Microsystems Java. User interaction is required in that a user must open a malicious file or visit a malicious web page.
To fully exploit this specific attack vector, an attacker would need to remotely or locally host a malicious version of classes used by a trusted application and then lure a user into opening a malicious jnlp file. A firewall installed between the attacker and victim could mitigate this issue if the victim's machine were restricted from accessing the hosted network share.
If an attacker puts a malicious JAR file on a web server and makes a victim using Internet Explorer to click on a link to this archive, the browser asks the user whether to save or open the file. If the user clicks "Open", the JAR file gets automatically executed by javaw.exe.
There are several ways to exploit this vulnerability. In Internet Explorer 6, after the user visits the malicious web page, no further user interaction is needed. However, in Firefox and Internet Explorer 7, the user will be presented with the 'File Open' confirmation dialog, and will have to accept opening the file. It would also be possible for an attacker to e-mail an infected file to a user, or place it on a shared network drive. In this situation, a targeted user would need to manually open the file." }-
This is instructive reading, especially for those who help home users. Notwithstanding that these vulnerabilities have been patched, and that no in-the-wild exploits targeting them were released, nonetheless, it calls attention to the importance of understanding what Java is (it is not JavaScript), when it is necessary to run (current browsers allow for toggling Enable/Disable), and, as is the case with many web-embedded exploits, how to be aware of the ways attackers trick users into opening files from the web.
----
rich