CVE-2010-4351
Red Hat OpenJDK IcedTea6 ClassLoader Remote Code Execution Vulnerability
Severity Score
6.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader.
El JNLP SecurityManager en IcedTea (IcedTea.so) v1.7 anteriores a v1.7.7, v1.8 anteriores a v1.8.4 y v1.9 anteriores a v1.9.4 de Java OpenJDK devuelve desde el método checkPermission una excepción en determinadas circunstancias, lo que podría permitir a atacantes dependientes del contexto eludir la política de protección establecida mediante la creación de instancias de ClassLoader.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Java OpenJDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The flaw exists within the IcedTea.so component. When handling the an applet the process fails to properly restrict permission of code. It is possible to create and instantiate subclasses of ClassLoader. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
*Credits:
Anonymous
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-11-30 CVE Reserved
- 2011-01-18 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
- CWE-305: Authentication Bypass by Primary Weakness
CAPEC
References (23)
| URL | Tag | Source |
|---|---|---|
| http://blog.fuseyism.com/index.php/2011/01/18/security-icedtea6-177-184-194-released | X_refsource_confirm | |
| http://osvdb.org/70605 | Vdb Entry | |
| http://secunia.com/advisories/43078 | Third Party Advisory | |
| http://secunia.com/advisories/43085 | Third Party Advisory | |
| http://secunia.com/advisories/43135 | Third Party Advisory | |
| http://www.securityfocus.com/bid/45894 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2011/0215 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2011/0239 | Vdb Entry | |
| http://www.zerodayinitiative.com/advisories/ZDI-11-014 | X_refsource_misc |
|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/64893 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=663680 | 2011-01-25 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.7 Search vendor "Redhat" for product "Icedtea" and version "1.7" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.7.1 Search vendor "Redhat" for product "Icedtea" and version "1.7.1" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.7.2 Search vendor "Redhat" for product "Icedtea" and version "1.7.2" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.7.3 Search vendor "Redhat" for product "Icedtea" and version "1.7.3" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.7.4 Search vendor "Redhat" for product "Icedtea" and version "1.7.4" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.7.5 Search vendor "Redhat" for product "Icedtea" and version "1.7.5" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.7.6 Search vendor "Redhat" for product "Icedtea" and version "1.7.6" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.8 Search vendor "Redhat" for product "Icedtea" and version "1.8" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.8.1 Search vendor "Redhat" for product "Icedtea" and version "1.8.1" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.8.2 Search vendor "Redhat" for product "Icedtea" and version "1.8.2" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.8.3 Search vendor "Redhat" for product "Icedtea" and version "1.8.3" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.9 Search vendor "Redhat" for product "Icedtea" and version "1.9" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.9.1 Search vendor "Redhat" for product "Icedtea" and version "1.9.1" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.9.2 Search vendor "Redhat" for product "Icedtea" and version "1.9.2" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.9.3 Search vendor "Redhat" for product "Icedtea" and version "1.9.3" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|