Login   |   Secure Purdue > News

Security Hole in Java Web Start Could Provide Privilege Escalation

If you use Java Web Start on your computer, now is the time to update to JRE 5.0 Update 12 or later (JDK) or JRE 1.4.2_14 or later (SDK).  An unspecified error in Java Web Start allows an untrusted application to escalate its own privileges in order to overwrite any file that is "writable" by the current user running the application.  Even further, the user's ".java.policy" file can be overwritten which allows the application to summon applets or other Java Web Start applications which could execute arbitrary code with the same privilege level as the user running the application.

The following Java Web Start releases are vulnerable:

Windows:

-Java Web Start in JDK and JRE 5.0 Update 11 and earlier

-Java Web Start in SDK and JRE 1.4.2_13 and earlier

If unable to update for some reason, the workaround is to disable Java Web Start applications from being lunch via web browser.

Linux and Solaris Operating Systems are not vulnerable to this particular issue.

References:

Sun Microsystems

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102957-1

Secunia

http://secunia.com/advisories/25823/

Posted by Kitch Spicer on June 29, 2007, in Handlers Log.