The Java plug-in security in Sun and Blackdown Java environments can be bypassed to access arbitrary packages, allowing untrusted Java applets to perform unrestricted actions on the host system.
Package | Architecture | Affected versions | Unaffected versions |
---|---|---|---|
dev-java/sun-jdk | x86 amd64 | < 1.4.2.06 | >= 1.4.2.06 |
dev-java/sun-jre-bin | x86 amd64 | < 1.4.2.06 | >= 1.4.2.06 |
dev-java/blackdown-jdk | x86 amd64 | < 1.4.2.01 | >= 1.4.2.01 |
dev-java/blackdown-jre | x86 amd64 | < 1.4.2.01 | >= 1.4.2.01 |
Sun and Blackdown both provide implementations of Java Development Kits (JDK) and Java Runtime Environments (JRE). All these implementations provide a Java plug-in that can be used to execute Java applets in a restricted environment for web browsers.
All Java plug-ins are subject to a vulnerability allowing unrestricted Java package access.
A remote attacker could embed a malicious Java applet in a web page and entice a victim to view it. This applet can then bypass security restrictions and execute any command or access any file with the rights of the user running the web browser.
As a workaround you could disable Java applets on your web browser.
All Sun JDK users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-java/sun-jdk-1.4.2.06"
All Sun JRE users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-java/sun-jre-bin-1.4.2.06"
All Blackdown JDK users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-java/blackdown-jdk-1.4.2.01"
All Blackdown JRE users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-java/blackdown-jre-1.4.2.01"
Note: You should unmerge all vulnerable versions to be fully protected.
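To find versions that still need unmerging after the upgrade, the following added example (not part of the original advisory) filters a list of installed `category/name-version` atoms against the fixed versions in the table above. It assumes GNU `sort -V` is available and that the atom list comes from a tool such as `qlist -Iv` from portage-utils; the sample atoms are constructed.

```bash
#!/usr/bin/env bash
# Fixed ("unaffected") versions, taken from the advisory's package table.
fixed_version() {
    case "$1" in
        dev-java/sun-jdk|dev-java/sun-jre-bin)         echo 1.4.2.06 ;;
        dev-java/blackdown-jdk|dev-java/blackdown-jre) echo 1.4.2.01 ;;
        *) return 1 ;;   # package not covered by this advisory
    esac
}

# Succeeds when version $1 sorts strictly before version $2.
version_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n1)" = "$1" ]
}

# Reads one atom per line on stdin and prints those that are still vulnerable.
find_vulnerable() {
    local atom name ver fixed
    while read -r atom; do
        # The version starts at the first "-<digit>" in the atom.
        name=$(printf '%s' "$atom" | sed -E 's/-[0-9].*$//')
        ver=${atom#"$name"-}
        ver=${ver%-r[0-9]*}   # ignore the ebuild revision suffix (-r1, -r2, ...)
        fixed=$(fixed_version "$name") || continue
        if version_lt "$ver" "$fixed"; then
            echo "$atom"
        fi
    done
}

# Constructed sample input, not output from a real system.
sample_atoms() {
    printf '%s\n' \
        dev-java/sun-jdk-1.4.2.05-r1 \
        dev-java/sun-jdk-1.4.2.06 \
        app-editors/vim-6.3 \
        dev-java/blackdown-jre-1.4.1 \
        dev-java/blackdown-jdk-1.4.2.01
}

sample_atoms | find_vulnerable
```

On a live system, replace the last line with `qlist -Iv | find_vulnerable`; every atom it prints is an installed slot that remains exposed until it is unmerged.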