Bugtraq mailing list archives
Another Microsoft Java Flaw Disovered
From: gem () RSTCORP COM (Gary McGraw)
Date: Thu, 14 Oct 1999 10:12:28 -0400
Karsten Sohr at the University of Marburg has discovered another serious security flaw in Microsoft's Java Virtual Machine. A bug in Microsoft's bytecode verifier allows the construction of code sequences that illegally cast values of one Java type to values of another unrelated type, in violation of Java's typing rules, without detection by Microsoft's verifier. An attack applet can exploit this flaw to breach the JVM's security, and can then proceed to do anything it wants to do on the victim's computer. For example, an attack applet might exploit this flaw to read private data, modify or delete files, or eavesdrop on the user's activities. Dirk Balfanz and Ed Felten, at Princeton University, have constructed a demonstration applet that exploits this flaw to delete a file. All recent versions of Microsoft's JVM for Windows appear to be vulnerable, so users of recent versions of Internet Explorer are affected by this flaw. A malicious applet could also be embedded in an e-mail message read using Microsoft Outlook or Eudora. Users of other JVMs, browsers, and email readers are generally not affected. Reliable Software Technologies was involved in testing on various platforms. Links The Princeton Secure Internet Programming team's news release http://www.cs.princeton.edu/sip/history/ The Reliable Software Technologies news release http://www.rstcorp.com Our book "Securing Java" on the Web gives a detailed treatment of Java security issues http://www.securingjava.com gem Gary McGraw, Ph.D gem () rstcorp com Vice President, Corporate Technology Reliable Software Technologies Dulles, VA <http://www.rstcorp.com/~gem> <http://www.securingjava.com>
Current thread:
- Re: Security of "Virtual Network Computer", (continued)
- Re: Security of "Virtual Network Computer" Dan Foster (Oct 12)
- Re: Security of "Virtual Network Computer" Luca Berra (Oct 13)
- Finjan Alert: WinNT.Infis Trojan by way of Tim Wieneke (Oct 13)
- The old "." problem nblasgen () NICK REFRACT COM (Oct 13)
- Re: The old "." problem David Zverina (Oct 14)
- Re: The old "." problem S.Faust (Oct 16)
- Gauntlet 5.0 BSDI warning Keith Young (Oct 18)
- Re: Gauntlet 5.0 BSDI warning Strange (Oct 18)
- Re: Gauntlet 5.0 BSDI warning Keith Young (Oct 18)
- Email virus on the prowel Albert Hopkins (Oct 19)
- Another Microsoft Java Flaw Disovered Gary McGraw (Oct 14)
- Administrivia Elias Levy (Oct 14)