安全研究

安全漏洞
Sun Microsystems不可信Applet Java安全模型冲突漏洞

发布日期:2003-06-05
更新日期:2003-06-10

受影响系统:
Sun JRE (Linux Production Release) 1.4
Sun JRE (Linux Production Release) 1.3.1_03
Sun JRE (Linux Production Release) 1.3.1_01
Sun JRE (Linux Production Release) 1.3.1
Sun JRE (Linux Production Release) 1.3.0_05
Sun JRE (Linux Production Release) 1.3.0_02
Sun JRE (Linux Production Release) 1.3.0
Sun JRE (Linux Production Release) 1.2.2_011
Sun JRE (Linux Production Release) 1.2.2_010
Sun JRE (Linux Production Release) 1.2.2_003
Sun JRE (Solaris Production Release) 1.4
Sun JRE (Solaris Production Release) 1.3_05
Sun JRE (Solaris Production Release) 1.3.1_05
Sun JRE (Solaris Production Release) 1.3.1_03
Sun JRE (Solaris Production Release) 1.3.1_02
Sun JRE (Solaris Production Release) 1.3.1_01
Sun JRE (Solaris Production Release) 1.3.0_02
Sun JRE (Solaris Production Release) 1.3
Sun JRE (Solaris Production Release) 1.2.2_11
Sun JRE (Solaris Production Release) 1.2.2_10
Sun JRE (Solaris Reference Release) 1.2.2_012
Sun JRE (Solaris Reference Release) 1.2.2_011
Sun JRE (Solaris Reference Release) 1.2.2_010
Sun JRE (Solaris Reference Release) 1.2.2
Sun JRE (Windows Production Release) 1.4
Sun JRE (Windows Production Release) 1.3_05
Sun JRE (Windows Production Release) 1.3.1_05
Sun JRE (Windows Production Release) 1.3.1_03
Sun JRE (Windows Production Release) 1.3.1_02
Sun JRE (Windows Production Release) 1.3.1_01a
Sun JRE (Windows Production Release) 1.3.0_02
Sun JRE (Windows Production Release) 1.3
Sun JRE (Windows Production Release) 1.2.2_011
Sun JRE (Windows Production Release) 1.2.2_010
Sun SDK (Linux Production Release) 1.4.0_02
Sun SDK (Linux Production Release) 1.4
Sun SDK (Linux Production Release) 1.3_05
Sun SDK (Linux Production Release) 1.3.1_05
Sun SDK (Linux Production Release) 1.3.1_03
Sun SDK (Linux Production Release) 1.3.1_02
Sun SDK (Linux Production Release) 1.3.1_01
Sun SDK (Linux Production Release) 1.3.0_02
Sun SDK (Linux Production Release) 1.2.2_011
Sun SDK (Linux Production Release) 1.2.2_010
Sun SDK (Solaris Production Release) 1.4.0_03
Sun SDK (Solaris Production Release) 1.4.0_02
Sun SDK (Solaris Production Release) 1.4
Sun SDK (Solaris Production Release) 1.3_05
Sun SDK (Solaris Production Release) 1.3.1_06
Sun SDK (Solaris Production Release) 1.3.1_05
Sun SDK (Solaris Production Release) 1.3.1_03
Sun SDK (Solaris Production Release) 1.3.1_02
Sun SDK (Solaris Production Release) 1.3.1_01
Sun SDK (Solaris Production Release) 1.3.0_02
Sun SDK (Solaris Production Release) 1.3
Sun SDK (Solaris Production Release) 1.2.2_11
Sun SDK (Solaris Production Release) 1.2.2_10
Sun SDK (Windows Production Release) 1.4.0_02
Sun SDK (Windows Production Release) 1.4
Sun SDK (Windows Production Release) 1.3_05
Sun SDK (Windows Production Release) 1.3.1_05
Sun SDK (Windows Production Release) 1.3.1_03
Sun SDK (Windows Production Release) 1.3.1_02
Sun SDK (Windows Production Release) 1.3.1_01a
Sun SDK (Windows Production Release) 1.3.0_02
Sun SDK (Windows Production Release) 1.2.2_011
Sun SDK (Windows Production Release) 1.2.2_010
描述:
BUGTRAQ  ID: 7824
CVE(CAN) ID: CVE-2003-1123

Solaris系统的Java Runtime Environment (JRE)为JAVA应用程序提供可靠的运行环境。

Java Runtime Environment (JRE)允许不可Applet从可信Applet中访问信息,远程攻击者可以利用这个漏洞绕过Java安全模型访问受限资源。

目前没有详细漏洞细节。

<*来源:RecipeXperience
  
  链接:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F55100
*>

建议:
厂商补丁:

Sun
---
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

Sun SDK (Solaris Production Release) 1.2.2 _10:

Sun Upgrade SDK and JRE (Solaris Production Release) 1.2.2_13
http://java.sun.com/j2se/

Sun JRE (Solaris Reference Release) 1.2.2 _012:

Sun Upgrade SDK and JRE (Solaris OE Reference Release) 1.2.2_013
http://java.sun.com/j2se/

Sun SDK (Windows Production Release) 1.2.2 _012:

Sun Upgrade SDK and JRE (Windows Production Release) 1.2.2_013
http://java.sun.com/j2se/

Sun JRE (Solaris Production Release) 1.2.2 _012:

Sun Upgrade SDK and JRE (Solaris Production Release) 1.2.2_13
http://java.sun.com/j2se/

Sun SDK (Solaris Production Release) 1.2.2 _011:

Sun Upgrade SDK and JRE (Solaris Production Release) 1.2.2_13
http://java.sun.com/j2se/

Sun JRE (Linux Production Release) 1.2.2 _011:

Sun Upgrade SDK and JRE (Linux Production Release) 1.2.2_013
http://java.sun.com/j2se/

Sun JRE (Solaris Reference Release) 1.2.2 _011:

Sun Upgrade SDK and JRE (Solaris OE Reference Release) 1.2.2_013
http://java.sun.com/j2se/

Sun JRE (Solaris Production Release) 1.2.2 _011:

Sun Upgrade SDK and JRE (Solaris Production Release) 1.2.2_13
http://java.sun.com/j2se/

Sun JRE (Windows Production Release) 1.2.2 _011:

Sun Upgrade SDK and JRE (Windows Production Release) 1.2.2_013
http://java.sun.com/j2se/

Sun SDK (Linux Production Release) 1.2.2 _011:

Sun Upgrade SDK and JRE (Linux Production Release) 1.2.2_013
http://java.sun.com/j2se/

Sun SDK (Windows Production Release) 1.2.2 _011:

Sun Upgrade SDK and JRE (Windows Production Release) 1.2.2_013
http://java.sun.com/j2se/

Sun SDK (Windows Production Release) 1.2.2 _010:

Sun Upgrade SDK and JRE (Windows Production Release) 1.2.2_013
http://java.sun.com/j2se/

Sun SDK (Linux Production Release) 1.2.2 _010:

Sun Upgrade SDK and JRE (Linux Production Release) 1.2.2_013
http://java.sun.com/j2se/

Sun JRE (Windows Production Release) 1.2.2 _010:

Sun Upgrade SDK and JRE (Windows Production Release) 1.2.2_013
http://java.sun.com/j2se/

Sun JRE (Solaris Production Release) 1.2.2 _010:

Sun Upgrade SDK and JRE (Solaris Production Release) 1.2.2_13
http://java.sun.com/j2se/

Sun JRE (Linux Production Release) 1.2.2 _010:

Sun Upgrade SDK and JRE (Linux Production Release) 1.2.2_013
http://java.sun.com/j2se/

Sun JRE (Linux Production Release) 1.2.2 _003:

Sun Upgrade SDK and JRE (Linux Production Release) 1.2.2_013
http://java.sun.com/j2se/

Sun JRE (Windows Production Release) 1.2.2:

Sun Upgrade SDK and JRE (Windows Production Release) 1.2.2_013
http://java.sun.com/j2se/

Sun JRE (Solaris Production Release) 1.2.2:

Sun Upgrade SDK and JRE (Solaris Production Release) 1.2.2_13
http://java.sun.com/j2se/

Sun JRE (Solaris Reference Release) 1.2.2:

Sun Upgrade SDK and JRE (Solaris OE Reference Release) 1.2.2_013
http://java.sun.com/j2se/

Sun SDK (Solaris Production Release) 1.2.2:

Sun Upgrade SDK and JRE (Solaris Production Release) 1.2.2_13
http://java.sun.com/j2se/

Sun SDK (Windows Production Release) 1.3.1 _04:

Sun Upgrade SDK and JRE (Windows Production Release) 1.3.1_05
http://java.sun.com/j2se/

Sun JRE (Solaris Production Release) 1.3.1 _04:

Sun Upgrade SDK and JRE (Solaris Production Release) 1.3.1_05
http://java.sun.com/j2se/

Sun JRE (Windows Production Release) 1.3.1 _04:

Sun Upgrade SDK and JRE (Windows Production Release) 1.3.1_05
http://java.sun.com/j2se/

Sun SDK (Solaris Production Release) 1.3.1 _03:

Sun Upgrade SDK and JRE (Solaris Production Release) 1.3.1_05
http://java.sun.com/j2se/

Sun JRE (Linux Production Release) 1.3.1 _03:

Sun Upgrade SDK and JRE (Linux Production Release) 1.3.1_05
http://java.sun.com/j2se/

Sun SDK (Windows Production Release) 1.3.1 _03:

Sun Upgrade SDK and JRE (Windows Production Release) 1.3.1_05
http://java.sun.com/j2se/

Sun SDK (Linux Production Release) 1.3.1 _03:

Sun Upgrade SDK and JRE (Linux Production Release) 1.3.1_05
http://java.sun.com/j2se/

Sun JRE (Windows Production Release) 1.3.1 _03:

Sun Upgrade SDK and JRE (Windows Production Release) 1.3.1_05
http://java.sun.com/j2se/

Sun JRE (Solaris Production Release) 1.3.1 _03:

Sun Upgrade SDK and JRE (Solaris Production Release) 1.3.1_05
http://java.sun.com/j2se/

Sun SDK (Windows Production Release) 1.3.1 _01a:

Sun Upgrade SDK and JRE (Windows Production Release) 1.3.1_05
http://java.sun.com/j2se/

Sun JRE (Windows Production Release) 1.3.1 _01:

Sun Upgrade SDK and JRE (Windows Production Release) 1.3.1_05
http://java.sun.com/j2se/

Sun JRE (Solaris Production Release) 1.3.1 _01:

Sun Upgrade SDK and JRE (Solaris Production Release) 1.3.1_05
http://java.sun.com/j2se/

Sun SDK (Solaris Production Release) 1.3.1 _01:

Sun Upgrade SDK and JRE (Solaris Production Release) 1.3.1_05
http://java.sun.com/j2se/

Sun SDK (Linux Production Release) 1.3.1 _01:

Sun Upgrade SDK and JRE (Linux Production Release) 1.3.1_05
http://java.sun.com/j2se/

Sun JRE (Linux Production Release) 1.3.1 _01:

Sun Upgrade SDK and JRE (Linux Production Release) 1.3.1_05
http://java.sun.com/j2se/

Sun JRE (Linux Production Release) 1.3.1:

Sun Upgrade SDK and JRE (Linux Production Release) 1.3.1_05
http://java.sun.com/j2se/

Sun SDK (Windows Production Release) 1.4 .0_01:

Sun Upgrade SDK and JRE (Windows Production Release) 1.4.0_02
http://java.sun.com/j2se/

Sun JRE (Windows Production Release) 1.4 .0_01:

Sun Upgrade SDK and JRE (Windows Production Release) 1.4.0_02
http://java.sun.com/j2se/

Sun JRE (Solaris Production Release) 1.4 .0_01:

Sun Upgrade SDK and JRE (Solaris Production Release) 1.4.0_02
http://java.sun.com/j2se/

Sun JRE (Linux Production Release) 1.4:

Sun Upgrade SDK and JRE (Linux Production Release) 1.4.0_02
http://java.sun.com/j2se/

Sun SDK (Linux Production Release) 1.4:

Sun Upgrade SDK and JRE (Linux Production Release) 1.4.0_02
http://java.sun.com/j2se/

Sun SDK (Windows Production Release) 1.4:

Sun Upgrade SDK and JRE (Windows Production Release) 1.4.0_02
http://java.sun.com/j2se/

Sun JRE (Windows Production Release) 1.4:

Sun Upgrade SDK and JRE (Windows Production Release) 1.4.0_02
http://java.sun.com/j2se/

Sun SDK (Solaris Production Release) 1.4:

Sun Upgrade SDK and JRE (Solaris Production Release) 1.4.0_02
http://java.sun.com/j2se/

Sun JRE (Solaris Production Release) 1.4:

Sun Upgrade SDK and JRE (Solaris Production Release) 1.4.0_02
http://java.sun.com/j2se/

浏览次数:3041
严重程度:0(网友投票)
本安全漏洞由绿盟科技翻译整理,版权所有,未经许可,不得转载
绿盟科技给您安全的保障
关于我们
公司介绍
公司荣誉
公司新闻
联系我们
公司总部
分支机构
海外机构
快速链接
绿盟云
绿盟威胁情报中心NTI
技术博客