Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:25748
HistoryFeb 17, 2011 - 12:00 a.m.

ZDI-11-085: Oracle Java XGetSamplePtrFromSnd Remote Code Execution Vulnerability

2011-02-1700:00:00
vulners.com
29
JSON

ZDI-11-085: Oracle Java XGetSamplePtrFromSnd Remote Code Execution Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-11-085

February 15, 2011

– CVE ID:
CVE-2010-4462

– CVSS:
7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P)

– Affected Vendors:
Oracle

– Affected Products:
Oracle Java Runtime

– TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 10626.
For further product information on the TippingPoint IPS, visit:

http://www.tippingpoint.com

– Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Oracle Java. User interaction is required to
exploit this vulnerability in that the target must visit a malicious
page or open a malicious file.

The flaw exists within jsound!XGetSamplePtrFromSnd. When extracting a
sample from a soundbank stream user supplied data is used to calculate
the bounds of a call to PV_Swap16BitSamples. By supplying a specially
crafted sound file, a remote attacker can exploit this vulnerability to
execute arbitrary code under the context of the process.

– Vendor Response:
Oracle has issued an update to correct this vulnerability. More
details can be found at:

http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html

– Disclosure Timeline:
2010-09-23 - Vulnerability reported to vendor
2011-02-15 - Coordinated public release of advisory

– Credit:
This vulnerability was discovered by:
* binaryproof

– About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.

Researchers interested in getting paid for their security research
through the ZDI can find more information and sign-up at:

http://www.zerodayinitiative.com

The ZDI is unique in how the acquired vulnerability information is
used. TippingPoint does not re-sell the vulnerability details or any
exploit code. Instead, upon notifying the affected product vendor,
TippingPoint provides its customers with zero day protection through
its intrusion prevention technology. Explicit details regarding the
specifics of the vulnerability are not exposed to any parties until
an official vendor patch is publicly available. Furthermore, with the
altruistic aim of helping to secure a broader user base, TippingPoint
provides this vulnerability information confidentially to security
vendors (including competitors) who have a vulnerability protection or
mitigation product.

Our vulnerability disclosure policy is available online at:

http://www.zerodayinitiative.com/advisories/disclosure_policy/

Follow the ZDI on Twitter:

http://twitter.com/thezdi

Related

veracode 1
zdi 1
checkpoint_advisories 1
prion 3
cve 3
ubuntucve 3
nessus 27
redhat 6
openvas 14
suse 4
securityvulns 1
vmware 2
gentoo 1
oracle 1
veracode
veracode
Unspecified Vulnerability
2020-04-10 00:57:55
zdi
zdi
Oracle Java XGetSamplePtrFromSnd Remote Code Execution Vulnerability
2011-02-15 00:00:00
checkpoint_advisories
checkpoint_advisories
Oracle Java XGetSamplePtrFromSnd Memory Corruption (CVE-2010-4462)
2011-06-28 00:00:00
prion
prion
Design/Logic Flaw
2011-02-17 19:00:00
Design/Logic Flaw
2011-02-17 19:00:00
Design/Logic Flaw
2011-02-17 19:00:00
cve
cve
CVE-2010-4454
2011-02-17 19:00:00
CVE-2010-4462
2011-02-17 19:00:00
CVE-2010-4473
2011-02-17 19:00:00
ubuntucve
ubuntucve
CVE-2010-4473
2011-02-17 00:00:00
CVE-2010-4462
2011-02-17 00:00:00
CVE-2010-4454
2011-02-17 00:00:00
nessus
nessus
RHEL 4 / 5 : java-1.4.2-ibm (RHSA-2011:0490)
2011-05-06 00:00:00
SuSE 10 Security Update : IBM Java (ZYPP Patch Number 7505)
2011-05-13 00:00:00
SuSE9 Security Update : IBM Java JRE and SDK (YOU Patch Number 12706)
2011-05-13 00:00:00
redhat
redhat
(RHSA-2011:0870) Moderate: java-1.4.2-ibm-sap security update
2011-06-15 00:00:00
(RHSA-2011:0490) Critical: java-1.4.2-ibm security update
2011-05-05 00:00:00
(RHSA-2011:0364) Critical: java-1.5.0-ibm security update
2011-03-17 00:00:00
openvas
openvas
Oracle Java SE Multiple Unspecified Vulnerabilities (Windows)
2011-02-28 00:00:00
Oracle Java SE Multiple Unspecified Vulnerabilities (Windows)
2011-02-28 00:00:00
Java for Mac OS X 10.6 Update 4
2011-08-29 00:00:00
suse
suse
Security update for IBM Java 1.4.2 (important)
2011-07-22 05:08:11
remote code execution in java-1_4_2-ibm
2011-05-13 13:10:27
remote code execution in java-1_6_0-ibm,java-1_5_0-ibm,java-1_4_2-ibm
2011-03-22 13:32:34
securityvulns
securityvulns
Oracle Java multiple security vulnerabilities / OpenJDK
2011-02-17 00:00:00
vmware
vmware
VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
2011-10-27 00:00:00
VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
2011-10-27 00:00:00
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2011-11-05 00:00:00
oracle
oracle
cpuapr2011
2011-04-19 00:00:00
JSON
Related for SECURITYVULNS:DOC:25748
veracode1zdi1checkpoint_advisories1prion3cve3ubuntucve3nessus27redhat6openvas14suse4securityvulns1vmware2gentoo1oracle1