Un-Patched Vulnerabilities Affecting Java Software

Oracle Java J.R.E. since Version 6 Update 10 is prone to multiple remote code-execution vulnerabilities; other versions might also be affected. Exploitation can allow an attacker to load and execute an arbitrary J.A.R. file from an attacker-specified U.N.C. share. Other attacks that leverage this vulnerability are also possible.

The issues affect the following plug-ins:

~ "deploytk.dll" - Java Deployment Toolkit ActiveX Plug-In for Internet Explorer: CLSID: CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA.

~ "jp2iexp.dll" - Java Platform S.E. ActiveX Plug-In for Internet Explorer: CLSID: 8AD9C840-044E-11D1-B3E9-00805F499D93.

~ "npdeploytk.dll" - Java Deployment Toolkit Plug-In for Mozilla Firefox.

~ "npjp2.dll" - Java Platform S.E. Plug-In for Mozilla Firefox and Google Chrome.

All of these plug-ins are installed by the J.R.E.

These vulnerabilities are un-patched. Computers running Microsoft Windows - and possibly Linux, although this is unconfirmed at this point - with vulnerable versions of Java installed are at risk. On Microsoft Windows, Internet Explorer users can set the kill bits for the two CLSIDs listed above to prevent the vulnerable controls from being loaded in the browser. Mozilla Firefox users can prevent the vulnerable N.P.A.P.I. plug-in, "npdeploytk.dll", from being loaded by using file-system access controls. Blocking access to port 139 may also help prevent exploitation of this issue via U.N.C. shares, but there are other ways this vulnerability could be exploited, so blocking the port is not a complete mitigation.

Further information can be found in the following resources:

- Java Deployment Toolkit Performs Insufficient Validation of Parameters.

- Oracle J.R.E. Java Platform S.E. and Java Deployment Toolkit Plug-Ins Code-Execution Vulnerabilities.


Information on how to Enable Killbits is at:

- How to Stop an ActiveX Control from Running in Internet Explorer.
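The kill-bit mitigation above, as an added example (not part of the original advisory): the script sets the kill bit for the two CLSIDs listed on this page and then audits that it is in place. It assumes an elevated PowerShell session on Windows; the registry location and the 0x400 "Compatibility Flags" value are those documented by Microsoft for ActiveX kill bits.

```powershell
# Added example: set and verify the Internet Explorer kill bit for the vulnerable
# Java controls named in this advisory. Run from an elevated PowerShell session.
# The kill bit is bit 0x400 of the "Compatibility Flags" DWORD under the
# ActiveX Compatibility key; on 64-bit Windows the Wow6432Node copy is set too.

$Clsids = @(
    '{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA}',  # deploytk.dll - Java Deployment Toolkit
    '{8AD9C840-044E-11D1-B3E9-00805F499D93}'   # jp2iexp.dll  - Java Platform S.E. plug-in
)
$KillBit = 0x400

$BasePaths = @('HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility')
if (Test-Path 'HKLM:\SOFTWARE\Wow6432Node') {
    $BasePaths += 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
}

function Set-KillBit {
    param([string]$BasePath, [string]$Clsid)
    $key = Join-Path $BasePath $Clsid
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    # OR the kill bit into any flags already present instead of overwriting them.
    $existing = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' `
                 -ErrorAction SilentlyContinue).'Compatibility Flags'
    $new = [int]$existing -bor $KillBit
    New-ItemProperty -Path $key -Name 'Compatibility Flags' -PropertyType DWord `
                     -Value $new -Force | Out-Null
}

function Test-KillBit {
    param([string]$BasePath, [string]$Clsid)
    $key = Join-Path $BasePath $Clsid
    if (-not (Test-Path $key)) { return $false }
    $flags = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' `
              -ErrorAction SilentlyContinue).'Compatibility Flags'
    return (([int]$flags -band $KillBit) -eq $KillBit)
}

foreach ($base in $BasePaths) {
    foreach ($clsid in $Clsids) {
        Set-KillBit -BasePath $base -Clsid $clsid
        $state = if (Test-KillBit -BasePath $base -Clsid $clsid) { 'kill bit set' } else { 'NOT set' }
        Write-Output ("{0,-12}  {1}  {2}" -f $state, $clsid, $base)
    }
}
```

The audit function can be run on its own (without Set-KillBit) to check a fleet for the mitigation; Internet Explorer must be restarted before the kill bit takes effect for already-open sessions.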



Update: On April 14, 2010, multiple sources reported in-the-wild exploitation of a code-execution vulnerability (B.I.D. 39346) affecting the Oracle J.R.E. Java Platform S.E. and Java Deployment Toolkit plug-ins. This issue affects Oracle Java J.R.E. since Version 6 Update 10; other versions may also be affected. Exploitation of this issue can allow an attacker to load and execute an arbitrary J.A.R. file from an attacker-specified U.N.C. share.

On April 15, 2010, Java Runtime Environment 1.6.0_20 [J.R.E. 6 Update 20] was released by Oracle and appears to address this vulnerability, though this has not been confirmed by the vendor.

- Oracle J.R.E. Java Platform S.E. and Java Deployment Toolkit Plug-Ins Code-Execution Vulnerabilities.

- Changes in 1.6.0_20 [6u20].