| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAMnK33VQh4WXU+ZZpdSL55TKZSjDtY+OLi-zGajxXSJ-6n-Svw@mail.gmail.com> Date: Tue, 25 Sep 2012 16:30:37 -0700 From: Chris Evans <scarybeasts@...il.com> To: Security Explorations <contact@...urity-explorations.com> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: [SE-2012-01] Critical security issue affecting Java SE 5/6/7 On Tue, Sep 25, 2012 at 1:47 AM, Security Explorations <contact@...urity-explorations.com> wrote: > > Hello All, > > We've recently discovered yet another security vulnerability > affecting all latest versions of Oracle Java SE software. The > impact of this issue is critical - we were able to successfully > exploit it and achieve a complete Java security sandbox bypass > in the environment of Java SE 5, 6 and 7. So far, we could only > claim such an impact with reference to Java 7 environment (the > Apple QuickTime attack relying on Issues 15 and 22 is the only > exception here). Thus, this post. I don't see any details? This list is "full disclosure", not "touch self in public". Cheers Chris > > The newly discovered bug is special for several reasons. This > is our "anniversary" finding (Issue number 50). We discovered > it exclusively for JavaOne 2012 [1]. Finally, the bug allows > to violate a fundamental security constraint of a Java Virtual > Machine (type safety). > > The following Java SE versions were verified to be vulnerable: > - Java SE 5 Update 22 (build 1.5.0_22-b03) > - Java SE 6 Update 35 (build 1.6.0_35-b10) > - Java SE 7 Update 7 (build 1.7.0_07-b10) > > All tests were successfully conducted in the environment of a > fully patched Windows 7 32-bit system and with the following > web browser applications: > - Firefox 15.0.1 > - Google Chrome 21.0.1180.89 > - Internet Explorer 9.0.8112.16421 (update 9.0.10) > - Opera 12.02 (build 1578) > - Safari 5.1.7 (7534.57.2) > > To fulfill the Pro Bono mission of our SE-2012-01 project [2], > we have provided Oracle corporation with a technical description > of the issue found along with a source and binary codes of our > Proof of Concept code demonstrating a complete Java security > sandbox bypass in the environment of Java SE 5, 6 and 7. > > We hope that a news about one billion users of Oracle Java SE > software [3] being vulnerable to yet another security flaw is not > gonna spoil the taste of Larry Ellison's [4] morning...Java. > > Thank you. > > Best Regards, > Adam Gowdiak > > --------------------------------------------- > Security Explorations > http://www.security-explorations.com > "We bring security research to the new level" > --------------------------------------------- > > References: > [1] Oracle Begins Final Preparations for JavaOne San Francisco 2012 > and Announces Keynote Lineup > http://www.oracle.com/us/corporate/press/1843546 > [2] SE-2012-01 Security vulnerabilities in Java SE > http://www.security-explorations.com/en/SE-2012-01.html > [3] Learn About Java Technology > http://java.com/en/about/ > [4] Larry Ellison > http://www.forbes.com/profile/larry-ellison/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists