ID

VAR-201005-0874


CVE

CVE-2010-0539


TITLE

Java for Mac OS X arbitrary code execution vulnerability in the window drawing implementation

Trust: 0.8

sources: JVNDB: JVNDB-2010-001505

DESCRIPTION

Integer signedness error in the window drawing implementation in Apple Java for Mac OS X 10.5 before Update 7 and Java for Mac OS X 10.6 before Update 2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted applet. Successful exploits allow an attacker to run arbitrary code in the context of the affected software; failed exploit attempts may result in denial-of-service conditions. This issue affects the following: Mac OS X 10.5.8 (and prior versions), Mac OS X Server 10.5.8 (and prior versions), Mac OS X 10.6.3 (and prior versions), Mac OS X Server 10.6.3 (and prior versions).

----------------------------------------------------------------------
Secunia advisory SA39819:

The update fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, manipulate certain data, disclose potentially sensitive information, cause a DoS (Denial of Service), or to compromise a user's system. For more information: SA34451, SA37255, SA39260.

1) An error in the handling of mediaLibImage objects can be exploited to cause an out-of-bounds memory access and potentially execute arbitrary code when a user e.g. visits a web page containing a specially crafted Java applet.

2) A signedness error when drawing windows can be exploited to corrupt memory and potentially execute arbitrary code when a user e.g. visits a web page containing a specially crafted Java applet.

SOLUTION:
Apply updates.
http://support.apple.com/kb/DL971

PROVIDED AND/OR DISCOVERED BY:
1) The vendor credits Marc Schoenefeld, University of Bamberg.
2) The vendor credits Jonathan Bringhurst of Northrop Grumman, and Jeffrey Czerniak.

ORIGINAL ADVISORY:
Apple:
http://support.apple.com/kb/HT4170
http://support.apple.com/kb/HT4171

OTHER REFERENCES:
SA34451: http://secunia.com/advisories/34451/
SA37255: http://secunia.com/advisories/37255/
SA39260: http://secunia.com/advisories/39260/
----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2010-0539 // JVNDB: JVNDB-2010-001505 // BID: 40240 // VULHUB: VHN-43144 // PACKETSTORM: 89697
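
As a worked illustration of the bug class this entry describes (CWE-189, a signedness error in a drawing routine that takes applet-controlled dimensions), the following C program is an added example written for this page. It is not Apple's code, whose vulnerable window drawing implementation is not public; the routine names, the MAX_DIM and BPP limits, the 64-byte surface and the request values are all assumptions. It shows a blit planner that validates a signed width and height only against an upper bound, so a negative value passes and then becomes a near-SIZE_MAX byte count once converted to size_t, beside a hardened version that rejects non-positive values, guards the size multiplication and checks the result against the destination buffer's real capacity.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical limits for the illustration (assumptions, not Apple's values). */
#define MAX_DIM 4096u   /* largest width or height a window may request */
#define BPP     4u      /* bytes per pixel: 32-bit ARGB                 */

/* What the drawing code decides for one blit request: whether the request
 * passed validation and, if so, how many bytes it will copy. */
typedef struct {
    int    accepted;
    size_t nbytes;
} blit_plan;

/* VULNERABLE pattern (illustrative). Width and height arrive as signed
 * 32-bit values chosen by the applet. Only the upper bound is checked, in
 * signed arithmetic, so a negative height compares "smaller than MAX_DIM"
 * and passes. The byte count is then computed in size_t: (size_t)-1 is
 * SIZE_MAX, and the product wraps to a huge value that a real drawing
 * path would hand to memcpy. */
blit_plan plan_blit_vulnerable(int32_t width, int32_t height)
{
    blit_plan p = {0, 0};
    if (width > (int32_t)MAX_DIM || height > (int32_t)MAX_DIM)
        return p;                    /* no check for width <= 0 or height <= 0 */
    p.accepted = 1;
    p.nbytes   = (size_t)width * (size_t)height * BPP;   /* signedness bug */
    return p;
}

/* HARDENED version. Reject non-positive dimensions before any conversion,
 * compare against the cap as unsigned, guard the multiplication against
 * wrap-around, and check the result against the real destination capacity
 * rather than a constant. */
blit_plan plan_blit_hardened(int32_t width, int32_t height, size_t dst_capacity)
{
    blit_plan p = {0, 0};
    if (width <= 0 || height <= 0)
        return p;
    if ((uint32_t)width > MAX_DIM || (uint32_t)height > MAX_DIM)
        return p;
    size_t w = (size_t)width, h = (size_t)height;
    if (w > SIZE_MAX / BPP / h)      /* w * h * BPP would overflow size_t */
        return p;
    size_t n = w * h * BPP;
    if (n > dst_capacity)
        return p;
    p.accepted = 1;
    p.nbytes   = n;
    return p;
}

/* Copy one frame into dst through the hardened plan. Returns the number of
 * bytes copied, or 0 if the request was rejected. src must hold at least
 * width*height*BPP bytes whenever a request is accepted. */
size_t blit_hardened(uint8_t *dst, size_t dst_capacity,
                     const uint8_t *src, int32_t width, int32_t height)
{
    blit_plan p = plan_blit_hardened(width, height, dst_capacity);
    if (!p.accepted)
        return 0;
    memcpy(dst, src, p.nbytes);
    return p.nbytes;
}

/* Constructed scenario: a 64-byte window surface receiving three requests,
 * one benign (4x4) and two crafted (negative width; 8x4, which is larger
 * than the surface). Returns how many of the three the hardened path
 * rejected. */
int demo_crafted_requests(void)
{
    static uint8_t surface[64];
    static uint8_t frame[64];
    memset(frame, 0xAB, sizeof frame);
    int rejected = 0;
    if (blit_hardened(surface, sizeof surface, frame,  4, 4) == 0) rejected++;
    if (blit_hardened(surface, sizeof surface, frame, -4, 4) == 0) rejected++;
    if (blit_hardened(surface, sizeof surface, frame,  8, 4) == 0) rejected++;
    return rejected;
}

int main(void)
{
    blit_plan bad  = plan_blit_vulnerable(-1, 1);
    blit_plan good = plan_blit_hardened(-1, 1, 64);
    printf("vulnerable: accepted=%d nbytes=%zu\n", bad.accepted, bad.nbytes);
    printf("hardened:   accepted=%d nbytes=%zu\n", good.accepted, good.nbytes);
    printf("crafted requests rejected by hardened path: %d of 3\n",
           demo_crafted_requests());
    return 0;
}
```

Build with any C99 compiler (for example `cc -std=c99 -Wall example.c`) and run it: the vulnerable planner accepts a -1 x 1 request and reports a byte count just below SIZE_MAX, while the hardened planner rejects it before any size arithmetic happens. The two checks that matter in practice are the explicit `<= 0` test on each signed input and the comparison against the real buffer capacity; a cap on the upper bound alone, as in the vulnerable routine, never catches the negative case.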

AFFECTED PRODUCTS

vendor   model              scope   version   Trust
apple    java 1.6           eq      0         1.6
apple    java 1.5           eq      0         1.6
apple    mac os x           eq      v10.5.8   0.8
apple    mac os x           eq      v10.6.3   0.8
apple    mac os x server    eq      v10.5.8   0.8
apple    mac os x server    eq      v10.6.3   0.8
apple    mac os x server    eq      10.6.3    0.3
apple    mac os x server    eq      10.6.2    0.3
apple    mac os x server    eq      10.6.1    0.3
apple    mac os x server    eq      10.5.8    0.3
apple    mac os x server    eq      10.5.7    0.3
apple    mac os x server    eq      10.5.6    0.3
apple    mac os x server    eq      10.5.5    0.3
apple    mac os x server    eq      10.5.4    0.3
apple    mac os x server    eq      10.5.3    0.3
apple    mac os x server    eq      10.5.2    0.3
apple    mac os x server    eq      10.5.1    0.3
apple    mac os x server    eq      10.6      0.3
apple    mac os x server    eq      10.5      0.3
apple    mac os x           eq      10.6.3    0.3
apple    mac os x           eq      10.6.2    0.3
apple    mac os x           eq      10.6.1    0.3
apple    mac os x           eq      10.5.8    0.3
apple    mac os x           eq      10.5.7    0.3
apple    mac os x           eq      10.5.6    0.3
apple    mac os x           eq      10.5.5    0.3
apple    mac os x           eq      10.5.4    0.3
apple    mac os x           eq      10.5.3    0.3
apple    mac os x           eq      10.5.2    0.3
apple    mac os x           eq      10.5.1    0.3
apple    mac os x           eq      10.6      0.3
apple    mac os x           eq      10.5      0.3

sources: BID: 40240 // JVNDB: JVNDB-2010-001505 // CNNVD: CNNVD-201005-313 // NVD: CVE-2010-0539

CVSS

SEVERITY

CVSSV2 (no CVSSV3 entries are recorded)

nvd@nist.gov: CVE-2010-0539
value: MEDIUM

Trust: 1.0

NVD: CVE-2010-0539
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201005-313
value: MEDIUM

Trust: 0.6

VULHUB: VHN-43144
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2010-0539
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/Au:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-43144
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/Au:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-43144 // JVNDB: JVNDB-2010-001505 // CNNVD: CNNVD-201005-313 // NVD: CVE-2010-0539

PROBLEMTYPE DATA

problemtype:CWE-189

Trust: 1.9

sources: VULHUB: VHN-43144 // JVNDB: JVNDB-2010-001505 // NVD: CVE-2010-0539

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201005-313

TYPE

numeric error

Trust: 0.6

sources: CNNVD: CNNVD-201005-313

CONFIGURATIONS

sources: JVNDB: JVNDB-2010-001505

PATCH

title: HT4170  url: http://support.apple.com/kb/HT4170

Trust: 0.8

title: HT4171  url: http://support.apple.com/kb/HT4171

Trust: 0.8

title: HT4170  url: http://support.apple.com/kb/HT4170?viewlocale=ja_JP

Trust: 0.8

title: HT4171  url: http://support.apple.com/kb/HT4171?viewlocale=ja_JP

Trust: 0.8

sources: JVNDB: JVNDB-2010-001505

EXTERNAL IDS

db: BID  id: 40240

Trust: 2.8

db: NVD  id: CVE-2010-0539

Trust: 2.8

db: SECUNIA  id: 39819

Trust: 2.6

db: SECTRACK  id: 1024012

Trust: 2.5

db: VUPEN  id: ADV-2010-1191

Trust: 2.5

db: JVNDB  id: JVNDB-2010-001505

Trust: 0.8

db: CNNVD  id: CNNVD-201005-313

Trust: 0.7

db: APPLE  id: APPLE-SA-2010-05-18-2

Trust: 0.6

db: APPLE  id: APPLE-SA-2010-05-18-1

Trust: 0.6

db: VULHUB  id: VHN-43144

Trust: 0.1

db: PACKETSTORM  id: 89697

Trust: 0.1

sources: VULHUB: VHN-43144 // BID: 40240 // JVNDB: JVNDB-2010-001505 // PACKETSTORM: 89697 // CNNVD: CNNVD-201005-313 // NVD: CVE-2010-0539

REFERENCES

url:http://www.securityfocus.com/bid/40240

Trust: 2.5

url:http://securitytracker.com/id?1024012

Trust: 2.5

url:http://secunia.com/advisories/39819

Trust: 2.5

url:http://www.vupen.com/english/advisories/2010/1191

Trust: 2.5

url:http://support.apple.com/kb/ht4170

Trust: 1.8

url:http://support.apple.com/kb/ht4171

Trust: 1.8

url:http://lists.apple.com/archives/security-announce/2010//may/msg00001.html

Trust: 1.7

url:http://lists.apple.com/archives/security-announce/2010//may/msg00002.html

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0539

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0539

Trust: 0.8

url:http://www.apple.com/macosx/

Trust: 0.3

url:http://support.apple.com/kb/dl972

Trust: 0.1

url:http://secunia.com/advisories/39819/

Trust: 0.1

url:http://support.apple.com/kb/dl971

Trust: 0.1

url:http://secunia.com/advisories/34451/

Trust: 0.1

url:http://secunia.com/advisories/39260/

Trust: 0.1

url:http://secunia.com/advisories/37255/

Trust: 0.1

sources: VULHUB: VHN-43144 // BID: 40240 // JVNDB: JVNDB-2010-001505 // PACKETSTORM: 89697 // CNNVD: CNNVD-201005-313 // NVD: CVE-2010-0539

CREDITS

Jonathan Bringhurst of Northrop Grumman, Jeffrey Czerniak

Trust: 0.3

sources: BID: 40240

SOURCES

db: VULHUB       id: VHN-43144
db: BID          id: 40240
db: JVNDB        id: JVNDB-2010-001505
db: PACKETSTORM  id: 89697
db: CNNVD        id: CNNVD-201005-313
db: NVD          id: CVE-2010-0539

LAST UPDATE DATE

2025-04-11T22:19:17.171000+00:00


SOURCES UPDATE DATE

db: VULHUB  id: VHN-43144          date: 2010-05-24T00:00:00
db: BID     id: 40240              date: 2010-05-18T00:00:00
db: JVNDB   id: JVNDB-2010-001505  date: 2010-06-07T00:00:00
db: CNNVD   id: CNNVD-201005-313   date: 2010-05-25T00:00:00
db: NVD     id: CVE-2010-0539      date: 2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db: VULHUB       id: VHN-43144          date: 2010-05-21T00:00:00
db: BID          id: 40240              date: 2010-05-18T00:00:00
db: JVNDB        id: JVNDB-2010-001505  date: 2010-06-07T00:00:00
db: PACKETSTORM  id: 89697              date: 2010-05-19T05:58:57
db: CNNVD        id: CNNVD-201005-313   date: 2010-05-25T00:00:00
db: NVD          id: CVE-2010-0539      date: 2010-05-21T19:30:01.647