FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2012-4681

This CVE name corresponds to:

Entered Topic
2012-08-30 Java 1.7 -- security manager bypass

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2012-4681 at cve.mitre.org

Details

Type Candidate
Name CVE-2012-4681
Phase Assigned(20120827)

Description

Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.

References

Source Reference
MISC http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html
MISC http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/
MISC https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day
MISC http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html
MISC http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html
CONFIRM http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html
HP HPSBUX02824
HP SSRT100970
REDHAT RHSA-2012:1225
SUSE SUSE-SU-2012:1231
SUSE SUSE-SU-2012:1398
CERT TA12-240A
SECUNIA 51044

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.