lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <50408CC6.1010908@security-explorations.com>
Date: Fri, 31 Aug 2012 12:07:02 +0200
From: Security Explorations <contact@...urity-explorations.com>
To: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk
Subject: [SE-2012-01] New security issue affecting Java SE 7 Update 7


Hello All,

Yesterday, an out-of-band patch was released by Oracle [1], which
among other things incorporated fixes for the issues exploited by
the recent Java SE 7 attack code (ClassFinder / MethodFinder bugs).

One of the fixes incorporated in the released update also addressed
the exploitation vector with the use of the sun.awt.SunToolkit class.
Removing getField and getMethod methods from the implementation of
the aforementioned class caused all of our full sandbox bypass Proof
of Concept codes [2] not to work any more (please note, that not all
security issues that were reported in Apr 2012 got addressed by the
recent Java update).

Today we sent a security vulnerability report along with a Proof of
Concept code to Oracle. The code successfully demonstrates a complete
JVM sandbox bypass in the environment of a latest Java SE software
(version 7 Update 7 released on Aug 30, 2012). The reason for it is
a new security issue discovered, that made exploitation of some of
our not yet addressed bugs possible to exploit again.

Thank you.

Best Regards,
Adam Gowdiak

---------------------------------------------
Security Explorations
http://www.security-explorations.com
"We bring security research to the new level"
---------------------------------------------

References:
[1] Oracle Security Alert for CVE-2012-4681
 
http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html
[2] SE-2012-01 Proof of Concept Codes (technical information)
     http://www.security-explorations.com/en/SE-2012-01-poc.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ