
Web Attack: JRE Trusted Method Chaining CVE-2010-0840 6

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to exploit a vulnerability in the Java Runtime Environment that may result in remote code execution.

Additional Information

Oracle Java SE and Java for Business are prone to a remote code-execution vulnerability affecting the Java Runtime Environment (JRE).

This issue occurs because the JRE fails to properly validate the caller when privileged methods are invoked from applet code. Normally, when an untrusted method attempts to invoke a privileged method, Java verifies that the method being called is defined in a class with the appropriate privileges. However, this check does not correctly handle an untrusted object whose class extends a trusted class and has not overridden the target method: the inherited method is still declared by the trusted class, so the check passes even though the object itself comes from untrusted code.

Attackers are likely to exploit this issue by enticing an unsuspecting user into running a crafted applet; this may be possible by enticing the user into viewing a malicious webpage.

Attackers can exploit this to call trusted methods in an unsafe manner; this can be leveraged to execute arbitrary code with the privileges of the user invoking the JRE.
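The following is an added, constructed model of the flaw class described above; it is not JRE code and does not reproduce the real exploit chain. It shows why a privilege check that keys only on the declaring class of the target method is bypassed by an untrusted subclass that inherits, but does not override, a privileged method, and how a check that also inspects the receiver's runtime class blocks it. `TrustedBase`, `UntrustedSub`, `isTrusted` and the two check functions are hypothetical names invented for this example.

```java
import java.lang.reflect.Method;

// Constructed model (not JRE code) of "trusted method chaining": a check that
// trusts a method because its declaring class is trusted lets an untrusted
// subclass, which inherits the method unchanged, reach it.
public class TrustedMethodChainingDemo {

    // Stands in for a trusted, system-loaded class (assumption for this demo).
    static class TrustedBase {
        public String privilegedAction() {
            return "privileged action ran on " + getClass().getSimpleName();
        }
    }

    // Stands in for an attacker-supplied applet class that extends the trusted
    // class and deliberately does NOT override privilegedAction().
    static class UntrustedSub extends TrustedBase {
    }

    // Toy trust boundary: only TrustedBase itself is considered trusted.
    static boolean isTrusted(Class<?> c) {
        return c == TrustedBase.class;
    }

    // Flawed check: looks only at the class that declares the method.
    // For an inherited, non-overridden method that is still TrustedBase.
    static boolean flawedCheck(Object target, Method m) {
        return isTrusted(m.getDeclaringClass());
    }

    // Corrected check: additionally requires the receiver's runtime class,
    // i.e. the object the untrusted code actually supplied, to be trusted.
    static boolean strictCheck(Object target, Method m) {
        return isTrusted(m.getDeclaringClass()) && isTrusted(target.getClass());
    }

    // Resolves the method on the runtime class and gates the call on the chosen check.
    static String invokeIfAllowed(Object target, String name, boolean strict) throws Exception {
        Method m = target.getClass().getMethod(name);
        boolean allowed = strict ? strictCheck(target, m) : flawedCheck(target, m);
        if (!allowed) {
            throw new SecurityException("blocked call from " + target.getClass().getSimpleName());
        }
        return (String) m.invoke(target);
    }

    public static void main(String[] args) throws Exception {
        Object untrusted = new UntrustedSub();

        // Declaring class of the inherited method is TrustedBase, so the
        // flawed check lets the untrusted object reach the privileged method.
        System.out.println("flawed : " + invokeIfAllowed(untrusted, "privilegedAction", false));

        // The strict check sees the runtime class UntrustedSub and refuses.
        try {
            invokeIfAllowed(untrusted, "privilegedAction", true);
        } catch (SecurityException e) {
            System.out.println("strict : " + e.getMessage());
        }
    }
}
```

Run with `javac TrustedMethodChainingDemo.java && java TrustedMethodChainingDemo`. The first line shows the privileged method executing on behalf of `UntrustedSub`; the second shows the stricter check rejecting it. In the real JRE the trust decision is tied to class loaders and protection domains rather than a class identity comparison, but the shape of the mistake is the same: judging a call by where the method is declared instead of by who supplied the object.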

Affected

  • Java SE 6 Update 18, 5.0 Update 23 and 1.4.2_25 (and earlier releases)

Response

Upgrade to the JRE releases that fix CVE-2010-0840 and remove older JRE versions from affected hosts. Until the update is applied, disable or restrict Java applets in web browsers, since the vulnerability is triggered by a crafted applet served from a malicious webpage.