List of Currently Exploited Sun Java Vulnerabilities

The following is a list of Sun Java runtime vulnerabilites that have reliable exploits and are commonly found in today’s crimeware packs. This list is current for all publicly available crimeware packs as of 07 April 2011.

For organizations that cannot simply update all Sun Java runtime instances to the latest fully patched version available, this list can be used as a starting point to ensure that you have appropriate blocks configured in your IPS systems. If any of these aren’t enabled by default from your IPS vendor, you should consider adding those to your block/notify list.

Sun Java Calendar Deserialization (CVE-2008-5353)
JRE getSoundBank Stack BOF (CVE-2009-3867)
Java Web Start (CVE-2010-0886)
Java RMIConnectionImpl Object Deserialization (CVE-2010-0094)
Java Trusted Method Chaining (CVE-2010-0840)
Java Deployment Toolkit Remote Argument Injection Vulnerability (CVE-2010-1423)
Java GIF file parsing vulnerability (CVE-2007-0243)
Java Deployment Toolkit ActiveX (CVE-2009-1671)
Java Midi Parse (CVE-2010-0842)
Sun Java Runtime New Plugin docbase Buffer Overflow (CVE-2010-4452)

ORIGINAL – 24 Oct 2010
UPDATED 11 Feb 2011 for Java Deployment Toolkit ActiveX (CVE-2009-1671)
UPDATED 13 Feb 2011 for Java Midi Parse (CVE-2010-0842)
UPDATED 07 April 2011 for Sun Java Runtime New Plugin docbase Buffer Overflow (CVE-2010-4452)

email: david @ sharpesecurity.com
website: www.sharpesecurity.com
Twitter: twitter.com/sharpesecurity
Twitter: twitter.com/patchmanagement

Share

One Response to “List of Currently Exploited Sun Java Vulnerabilities”

  1. Anonymous said:

    Apr 12, 11 at 4:26 am

    I can tell you, based on the CVE numbers, the TippingPoint IDS covers only 2 of those 10 vulnerabilities. 20% coverage is not so great…


Leave a Reply