Public Safety and Emergency Preparedness Canada - Sécurité publique et Protection civile Canada
Skip all menus (access key: 2) Skip first menu (access key: 1)
Français Contact Us Help Search Canada Site
About us Policy Research Programs Newsroom
Public Safety and Emergency Preparedness Canada
Home

INFORMATION FOR...
Citizens
Communities
Governments
Business
First responders
Educators
ALTERNATE PATHS...
A-Z index
Site map
Organization
OF INTEREST...
SafeCanada.ca
Tackling Crime
EP Week
Proactive disclosure


Printable versionPrintable version
Send this pageSend this page

Home Programs Emergency management Response CCIRC Analytical releases2 AV05-37: Java Runtime Environment (JRE) Applet Privilege Escalation Vulnerability

Java Runtime Environment (JRE) Applet Privilege Escalation Vulnerability

Update to AV05-037

Purpose

US-CERT reports that the Sun Java vulnerability is now being actively exploited by enticing users
to visit a malicious website.

Assessment

When a user visits a webpage hosting a malicious Java applet, the remote attacker may execute
arbitrary code on the user's computer.

Suggested action

CCIRC recommends that system administrators test and update to non-vulnverabile versions:
SDK and JRE 1.3.1_16 and later
SDK and JRE 1.4.2_09 and later
JDK and JRE 5.0 Update 4 and later

For more information refer to: http://www.us-cert.gov/current/current_activity.html#javaapi

Number: AV05-037
Date: 29 November 2005

Purpose

The purpose of this advisory is to draw your attention to multiple Sun Alert Notifications addressing privilege escalation vulnerabilities in the Java Runtime Environment (JRE) that could lead to the remote execution of arbitrary code with the privilege of the local user.

Assessment

Multiple vulnerabilities were reported by Sun Microsystems:

  1. A java applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet.
  2. Three (3) security vulnerabilities with the use of "reflection" APIs in the Java Runtime Environment (JRE) may (independently) allow an untrusted applet to elevate its privileges.
  3. A vulnerability with the Java Management Extensions (JMX) implementation included with the Java Runtime Environment (JRE) may allow an untrusted applet to elevate its privileges. For example an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet.

Versions affected:

Sun Java SDK 1.3.1_15 and prior (Windows, Solaris and Linux) Sun Java JRE 1.3.1_15 and prior (Windows, Solaris and Linux) Sun Java SDK 1.4.2_08 and prior (Windows, Solaris and Linux) Sun Java JRE 1.4.2_08 and prior (Windows, Solaris and Linux) Sun Java JDK 5.0 Update 3 and prior (Windows, Solaris and Linux) Sun Java JRE 5.0 Update 3 and prior (Windows, Solaris and Linux)

Suggested action

CCIRC recommends the following:

  • Take stock of JRE versions in use in your organization.
  • Identify application version dependencies with regards to JRE, JDK and SDK.
  • Test your applications with the most recent non-vulnerable version of JRE, JDK and SDK.

Not affected:

JDK and JRE 5.0 Update 4 or later: http://java.sun.com/j2se/1.5.0/download.jsp
SDK and JRE 1.4.2_09 or later: http://java.sun.com/j2se/1.4.2/download.html
SDK and JRE 1.3.1_16 or later: http://java.sun.com/j2se/1.3/download.html

Original Advisories:

Sun Microsystems:

Security Vulnerability With Java Runtime Environment May Allow Untrusted Applet to Elevate Privileges http://sunsolve.sun.com/search/document.do?assetkey=1-26-102050-1&searchclause;=security

Security Vulnerabilities in the Java Runtime Environment May Allow an Untrusted Applet to Elevate Its Privileges http://sunsolve.sun.com/search/document.do?assetkey=1-26-102003-1&searchclause;=security

Security Vulnerability With Java Management Extensions in the Java Runtime Environment may Allow Untrusted Applet to Elevate Privileges http://sunsolve.sun.com/search/document.do?assetkey=1-26-102017-1&searchclause;=security

FrSIRT:
Sun Java JRE and SDK Multiple Sandbox Security Bypass Vulnerabilities http://www.frsirt.com/english/advisories/2005/2636

Note to Readers

Public Safety and Emergency Preparedness Canada (PSEPC) collects information related to cyber and physical threats to, and incidents involving, Canadian critical infrastructure. This allows us to monitor and analyze threats and to issue alerts, advisories and other information products. To report threats or incidents, please contact the Government Operations Centre (GOC) at (613) 991-7000 or goc-cog@psepc-sppcc.gc.ca by e-mail.

Unauthorized use of computer systems and mischief in relation to data are serious Criminal Code offences in Canada. Any suspected criminal activity should be reported to local law enforcement organizations. The Royal Canadian Mounted Police (RCMP) National Operations Centre (N.O.C.) provides a 24/7 service to receive such reports or to redirect callers to local law enforcement organizations. The N.O.C. can be reached at (613) 993-4460. National security concerns should be reported to the Canadian Security Intelligence Service (CSIS) at (613) 993-9620.

For urgent matters or to report any incidents, please contact the Government Operations Centre at:

Phone: (613) 991-7000
Fax: (613) 996-0995
Secure Fax: (613) 991-7094
Email: goc-cog@psepc-sppcc.gc.ca

For general information on critical infrastructure protection and emergency preparedness, please contact PSEPC's Public Affairs division at:

Telephone: (613) 944-4875 or 1-800-830-3118
Fax: (613) 998-9589
E-mail: communications@psepc-sppcc.gc.ca
Web: www.psepc.gc.ca
Top of Page
Last updated: 2006-01-16 Top of Page Important notices