Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:27223
HistoryOct 31, 2011 - 12:00 a.m.

ZDI-11-307 : Oracle Java MixerSequencer.nAddControllerEventCallback Remote Code Execution Vulnerability

2011-10-3100:00:00
vulners.com
25
JSON

ZDI-11-307 : Oracle Java MixerSequencer.nAddControllerEventCallback
Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-307
October 26, 2011

– CVE ID:
CVE-2011-3545

– CVSS:
9, AV:N/AC:L/Au:N/C:P/I:P/A:C

– Affected Vendors:

Oracle

– Affected Products:

Oracle Java Runtime

– Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Oracle Java. User interaction is required to
exploit this vulnerability in that the target must visit a malicious
page or open a malicious file.

The specific flaw exists because Java does not sufficiently verify
parameters certain functions. The function
MixerSequencer.nAddControllerEventCallback fails to check for negative
index numbers before writing user supplied data into a static array.
This allows a malicious applet to write user controlled data outside the
array boundaries resulting in remote code execution under the context of
the current user.

– Vendor Response:

Oracle has issued an update to correct this vulnerability. More details
can be found at:

http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html

– Disclosure Timeline:
2011-05-12 - Vulnerability reported to vendor
2011-10-26 - Coordinated public release of advisory

– Credit:
This vulnerability was discovered by:

  • axtaxt

– About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.

Researchers interested in getting paid for their security research
through the ZDI can find more information and sign-up at:

http://www.zerodayinitiative.com

The ZDI is unique in how the acquired vulnerability information is
used. TippingPoint does not re-sell the vulnerability details or any
exploit code. Instead, upon notifying the affected product vendor,
TippingPoint provides its customers with zero day protection through
its intrusion prevention technology. Explicit details regarding the
specifics of the vulnerability are not exposed to any parties until
an official vendor patch is publicly available. Furthermore, with the
altruistic aim of helping to secure a broader user base, TippingPoint
provides this vulnerability information confidentially to security
vendors (including competitors) who have a vulnerability protection or
mitigation product.

Our vulnerability disclosure policy is available online at:

http://www.zerodayinitiative.com/advisories/disclosure_policy/

Follow the ZDI on Twitter:

http://twitter.com/thezdi

Related

cve 1
veracode 1
zdi 1
ubuntucve 1
checkpoint_advisories 1
prion 1
openvas 10
nessus 22
suse 5
redhat 6
threatpost 1
securityvulns 2
ibm 1
seebug 1
gentoo 1
cve
cve
CVE-2011-3545
2011-10-19 21:55:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 04:55:59
zdi
zdi
Oracle Java MixerSequencer.nAddControllerEventCallback Remote Code Execution Vulnerability
2011-10-26 00:00:00
ubuntucve
ubuntucve
CVE-2011-3545
2011-10-19 00:00:00
checkpoint_advisories
checkpoint_advisories
Oracle Java Array Index Out-of-Bounds Code Execution (CVE-2011-3545)
2012-03-19 00:00:00
prion
prion
Design/Logic Flaw
2011-10-19 21:55:00
openvas
openvas
Oracle Java SE 1.4, 5, 6 Multiple Vulnerabilities (cpuoct2011) - Windows
2011-11-15 00:00:00
Oracle Java SE Multiple Vulnerabilities - October 2011 (Windows03)
2011-11-15 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:0122-2)
2021-06-09 00:00:00
nessus
nessus
RHEL 4 / 5 / 6 : java-1.5.0-ibm (RHSA-2011:1478)
2011-11-26 00:00:00
SuSE 10 Security Update : IBM Java (ZYPP Patch Number 7862)
2011-12-13 00:00:00
SuSE 11.1 Security Update : IBM Java 1.4.2 (SAT Patch Number 5609)
2012-02-24 00:00:00
suse
suse
Security update for IBM Java (important)
2011-12-02 10:08:33
Security update for IBM Java 1.4.2 (important)
2012-01-26 04:08:11
Security update for IBM Java 1.4.2 (important)
2012-02-23 22:08:13
redhat
redhat
(RHSA-2011:1478) Critical: java-1.5.0-ibm security update
2011-11-24 00:00:00
(RHSA-2012:0006) Critical: java-1.4.2-ibm security update
2012-01-09 00:00:00
(RHSA-2012:0343) Moderate: java-1.4.2-ibm-sap security update
2012-02-29 00:00:00
threatpost
threatpost
Apple Releases New Java Updates, Fix 17 Flaws
2011-11-09 17:09:04
securityvulns
securityvulns
APPLE-SA-2011-11-08-1 Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6
2011-11-11 00:00:00
Oracle Java multiple security vulnerabilities
2011-11-11 00:00:00
ibm
ibm
Potential Security Vulnerabilities With JavaTM SDKs
2018-06-17 14:01:55
seebug
seebug
IBM Rational AppScan 8.x/7.x 多个安全漏洞
2012-06-16 00:00:00
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2011-11-05 00:00:00
JSON
Related for SECURITYVULNS:DOC:27223
cve1veracode1zdi1ubuntucve1checkpoint_advisories1prion1openvas10nessus22suse5redhat6threatpost1securityvulns2ibm1seebug1gentoo1