-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Reference: CERT-EU Security Advisory 2012-0110 Title: UPDATED - Oracle Java Runtime Environment Remote Code Execution Vulnerability. Fix is available from Oracle [8] Version history: 30.08.2012 Initial publication 31/08/2012 CVE-2012-3108 - Updates are marked with NEW !! Summary ======= Oracle Java Runtime Environment (JRE) is prone to a remote code execution vulnerability. [1] NEW !! CIMBL-2012-023 makes reference to some of the domains hosting the exploit. CVSS Base Score CVSS v2 Base Score:9.3 (HIGH) (AV:N/AC:M/Au:N/C:C/I:C/A:C) [2,4] Affected Versions ================= This vulnerability affects Oracle JRE 1.7.0 Update 6; prior versions may also be affected. Original Details ================ An attacker can exploit this issue to bypass Java sandbox restrictions and load additional classes to execute arbitrary code in the context of the application. [1] By convincing a user to visit a specially crafted HTML document, a remote attacker may be able to execute arbitrary code on a vulnerable system. [3] The issue is being exploited in limited targeted attacks. The following exploits are available: /data/vulnerabilities/exploits/55213.java /data/vulnerabilities/exploits/55213.rb What can you do? ================ NEW !! Patch is available from Oracle. Java SE fixes in this Security Alert are cumulative; this latest update includes all fixes from previous Critical Patch Updates and Security Alerts. [8] Workaround: Disable the Java Plug-in [7] Disabling the Java web browser plug-in will prevent Java applets from from running. Here are instructions for several common web browsers: Mozilla Firefox: How to turn off Java applets [5] Microsoft Internet Explorer: Change the value of the UseJava2IExplorer registry key to 0. Depending on the versions of Windows and the Java plug-in, the key can be found in these locations: [6] HKLM\Software\JavaSoft\Java Plug-in\{version}\UseJava2IExplorer HKLM\Software\Wow6432Node\JavaSoft\Java Plug-in\{version}\UseJava2IExplorer The Java Control Panel (javacpl.exe) does not reliably configure the Java plug-in for Internet Explorer. Instead of editing the registry, it is possible to run javacpl.exe as Administrator, navigate to the Advanced tab, Default Java for browsers, and use the space bar to de-select the Microsoft Internet Explorer option. What to tell your users ======================= Normal security best practices apply. Especially, inform your Web users to be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Users are to be aware not to click on the link in suspicious emails to immediately forward the suspicious email to the respective IT security officer / contact in your institution. More information ================ [1] http://www.securityfocus.com/bid/55213/discuss [2] http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4681 [3] http://www.kb.cert.org/vuls/id/636312 [4] Information about CVSS: http://www.first.org/cvss/cvss-guide.html [5] https://support.mozilla.org/en-US/kb/How%20to%20turn%20off%20Java%20applets1 [6] http://www.kb.cert.org/vuls/id/636312 [7] http://www.auscert.org.au/render.html?it=16262 NEW !! [8] http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html Best regards, CERT-EU Pre-configuration Team (http://cert.europa.eu) Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu PGP KeyID 0x46AC4383 FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383 Privacy Statement: http://cert.europa.eu/cert/plainedition/en/cert_privacy.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBAgAGBQJQQKRVAAoJEPpzpNLI8SVoz04P/06nFBGm8cchtI9ZS5CUbUXk OoXA3Kwkhe+MRdcqDjmqVXV69d7108vS7vh+CscvyvIY621a4bHz9sXMevYWxPTo wJ6vPe1KvIJNMnuzDpzJYWucfYwzY5q3ozJRB4attp5TV4+OZp5IzwWnnhUaxGMy daxRHdZexjFmNfaXfrq8PjA3JhJG+jDu9T1hSvIdt3dCog7Wzf9h486zgq0v/JqL RU0La6qM0p899ICSAwz4jdIb05qP8yCrTbUqJZ6TRYBTH4qr9htqLqz8jEfZ6dxm 0CVGV9S+A5k5hVZk1vTQ8zIyIwfO8wkUmajoVYSmnwicNEdI0ugG8YBkNt6O55ez MSDmVXwkP52EA53nCVj6q9800VP68tABVb7Ciwqpx8xEXDsOzPzefHI6C1Wg2Sp6 9VdCujw7xmRLzdnnIIx1OcuGTZI+w+iVKp29eVsEvWpqpYg+B9lDt6iPvmZNGR3u M+HRqqR1sBBmUZVmHH4i1PYAzy5jsQQTSrxncXZGLgB6YybFiEgmarqktx9ELFyC 8NTK4ZzFIJRS/lfelNHoxJSZy7wCNFmdDxTFT+OFiXMuqVsQ5X7wy+qsJdzKiVBM lVcssN0vZPIJNSgbiBKi0MqwM0r4VdRqZX3j/r5K4nZRv355Q6wss/djcP3eEdr4 LKUvZBzlVnWrbQRSeMf2 =1B84 -----END PGP SIGNATURE-----