AlphaOne Technology Support Forums
TJ
Tech Team
Apple Security Update Fixes Multiple Java Platform Vulnerabilities
« on: September 17, 2005, 10:43:34 AM »

* Technical Description *

Multiple vulnerabilities were identified in Java on Apple Mac OS X, which could be exploited by remote or local attackers to bypass certain security restrictions, disclose sensitive information, or gain elevated privileges.

The first issue is due to a race condition when handling a temporary directory, which could be exploited by local attackers to corrupt or create arbitrary files.

The second flaw is due to a race condition in the privileged helper that creates temporary files insecurely when updating Java shared archives, which could be exploited by local attackers to corrupt or create arbitrary files.

The third vulnerability is due to an unspecified error when launching the utility used to update Java shared archives, which could be exploited by malicious users to execute arbitrary commands with elevated privileges.

The fourth issue is due to an unspecified error when handling specially crafted applets, which may be exploited by malicious web sites to bypass the default security policy and read/write arbitrary files on a vulnerable system with the privileges of the user running the untrusted applet.

The fifth flaw is due to an error where it is possible for the same port to be opened as a Java ServerSocket multiple times, which could allow a Java program to intercept data intended for the ServerSocket of a different Java program.

 * Affected Products *

Mac OS X 10.4.2
Mac OS X 10.3.9

 * Solution *

Upgrade to Java version 1.4.2_09 or 1.3.1_16:
http://www.apple.com/support/downloads/

 * References *

http://www.frsirt.com/english/advisories/2005/1734
http://docs.info.apple.com/article.html?artnum=302266
http://docs.info.apple.com/article.html?artnum=302265
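
The first two issues above belong to the insecure temporary-file class. As an added illustration (not code from the advisory or from Apple, which publish no implementation details), the Python sketch below contrasts a predictable-name open with exclusive creation and a private temporary directory; the names `helper.tmp` and `protected.conf` are constructed for the demo.

```python
import os
import tempfile

def insecure_write(path, data):
    """Weak pattern: a predictable name opened without O_EXCL follows a planted symlink."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "wb") as f:
        f.write(data)

def exclusive_write(path, data):
    """Hardened: O_CREAT|O_EXCL fails if anything, including a symlink, already exists."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as f:
        f.write(data)

def private_temp_write(data):
    """Preferred: unpredictable name inside a directory only the caller can access."""
    workdir = tempfile.mkdtemp(prefix="archive-update-")  # created with mode 0700
    fd, path = tempfile.mkstemp(dir=workdir)              # O_EXCL, mode 0600
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return path

def read(path):
    with open(path, "rb") as f:
        return f.read()

def demo():
    shared = tempfile.mkdtemp()  # stands in for a shared temp directory (constructed)
    protected = os.path.join(shared, "protected.conf")
    predictable = os.path.join(shared, "helper.tmp")
    with open(protected, "wb") as f:
        f.write(b"original")
    os.symlink(protected, predictable)  # link already present before the helper runs

    insecure_write(predictable, b"archive data")
    clobbered = read(protected) == b"archive data"  # write went through the link

    with open(protected, "wb") as f:
        f.write(b"original")
    try:
        exclusive_write(predictable, b"archive data")
        refused = False
    except FileExistsError:
        refused = True
    intact = read(protected) == b"original"

    safe_path = private_temp_write(b"archive data")
    return {"clobbered": clobbered, "refused": refused,
            "intact": intact, "safe_path": safe_path}

if __name__ == "__main__":
    print(demo())
```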