|
|
Sun Java虚拟机可非法访问对象方法漏洞
发布时间:2003-02-12
更新时间:2003-02-12
严重程度:中
威胁程度:其它
错误类型:设计错误
利用方式:客户机模式
BUGTRAQ ID:6681
受影响系统Sun JRE (Linux Production Release) 1.2.2 _13
Sun JRE (Linux Production Release) 1.2.2 _011
Sun JRE (Linux Production Release) 1.2.2 _010
Sun JRE (Linux Production Release) 1.2.2
Sun JRE (Linux Production Release) 1.3 _05
Sun JRE (Linux Production Release) 1.3 _02
Sun JRE (Linux Production Release) 1.3
Sun JRE (Linux Production Release) 1.3.1 _05
Sun JRE (Linux Production Release) 1.3.1 _03
Sun JRE (Linux Production Release) 1.3.1 _01
Sun JRE (Linux Production Release) 1.3.1
Sun JRE (Linux Production Release) 1.4 .0_02
Sun JRE (Linux Production Release) 1.4
Sun JRE (Solaris Production Release) 1.2.2 _13
Sun JRE (Solaris Production Release) 1.2.2 _10
Sun JRE (Solaris Production Release) 1.2.2 _011
Sun JRE (Solaris Production Release) 1.2.2
Sun JRE (Solaris Production Release) 1.3 _05
Sun JRE (Solaris Production Release) 1.3 _02
Sun JRE (Solaris Production Release) 1.3
Sun JRE (Solaris Production Release) 1.3.1 _05
Sun JRE (Solaris Production Release) 1.3.1 _03
Sun JRE (Solaris Production Release) 1.3.1 _01
Sun JRE (Solaris Production Release) 1.4 .0_02
Sun JRE (Solaris Production Release) 1.4
Sun JRE (Solaris Reference Release) 1.2.2 _10
Sun JRE (Solaris Reference Release) 1.2.2 _013
Sun JRE (Solaris Reference Release) 1.2.2 _011
Sun JRE (Solaris Reference Release) 1.2.2
Sun JRE (Windows Production Release) 1.2.2 _013
Sun JRE (Windows Production Release) 1.2.2 _011
Sun JRE (Windows Production Release) 1.2.2 _010
Sun JRE (Windows Production Release) 1.2.2
Sun JRE (Windows Production Release) 1.3 _05
Sun JRE (Windows Production Release) 1.3 _02
Sun JRE (Windows Production Release) 1.3
Sun JRE (Windows Production Release) 1.3.1 _05
Sun JRE (Windows Production Release) 1.3.1 _03
Sun JRE (Windows Production Release) 1.3.1 _01a
Sun JRE (Windows Production Release) 1.4 .0_02
Sun JRE (Windows Production Release) 1.4
Sun SDK (Linux Production Release) 1.2.2 _13
Sun SDK (Linux Production Release) 1.2.2 _011
Sun SDK (Linux Production Release) 1.2.2 _010
Sun SDK (Linux Production Release) 1.3 _05
Sun SDK (Linux Production Release) 1.3 _02
Sun SDK (Linux Production Release) 1.3.1 _05
Sun SDK (Linux Production Release) 1.3.1 _03
Sun SDK (Linux Production Release) 1.3.1 _01
Sun SDK (Linux Production Release) 1.4 .0_02
Sun SDK (Linux Production Release) 1.4
Sun SDK (Solaris Production Release) 1.2.2 _13
Sun SDK (Solaris Production Release) 1.2.2 _10
Sun SDK (Solaris Production Release) 1.2.2 _07a
Sun SDK (Solaris Production Release) 1.2.2 _011
Sun SDK (Solaris Production Release) 1.2.2
Sun SDK (Solaris Production Release) 1.3 _05
Sun SDK (Solaris Production Release) 1.3 _02
Sun SDK (Solaris Production Release) 1.3.1 _05
Sun SDK (Solaris Production Release) 1.3.1 _03
Sun SDK (Solaris Production Release) 1.3.1 _01
Sun SDK (Solaris Production Release) 1.4 .0_02
Sun SDK (Solaris Production Release) 1.4
Sun SDK (Solaris Reference Release) 1.2.2 _013
Sun SDK (Solaris Reference Release) 1.2.2 _011
Sun SDK (Solaris Reference Release) 1.2.2 _010
Sun SDK (Windows Production Release) 1.2.2 _10
Sun SDK (Windows Production Release) 1.2.2 _013
Sun SDK (Windows Production Release) 1.2.2 _011
Sun SDK (Windows Production Release) 1.3 _05
Sun SDK (Windows Production Release) 1.3 _02
Sun SDK (Windows Production Release) 1.3.1 _05
Sun SDK (Windows Production Release) 1.3.1 _03
Sun SDK (Windows Production Release) 1.3.1 _01a
Sun SDK (Windows Production Release) 1.4 .0_02
Sun SDK (Windows Production Release) 1.4 详细描述
Sun Java虚拟机实现上存在漏洞,攻击者可能利用此漏洞访问到对象受保护的特性和方法。与其他漏洞结合使用,入侵者可能在用户机器上执行任意命令。
解决方案
厂商在新版软件中修补了漏洞:
Sun Upgrade SDK and JRE 1.2.2_014 (Solaris Production Release)
http://java.sun.com/j2se/1.2/
相关信息
Alessandro Coglio
Sun Alert ID: 50083
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F50083
|
