|
|
|
|
| |
Credit:
The information has been provided by zdi-disclosures@tippingpoint.com.
The original article can be found at: http://www.zerodayinitiative.com/advisories/ZDI-09-043
|
| |
Vulnerable Systems:
* Apple Java 1.5 on Mac OS X version 10.5 systems
Multiple vulnerabilities in the "Aqua Look and Feel for Java" implementation may allow an untrusted Java applet to obtain elevated privileges. Visiting a web page containing a maliciously crafted Java applet may lead to arbitrary code execution with elevated privileges. This update addresses the issues by denying access to internal details of Aqua Look and Feel for untrusted Java applets.
The specific flaw exists in the undocumented apple.laf.CColourUIResource(long, int, int ,int, int) constructor. When passing a long integer value as the first argument, the value is interpreted as pointer to an Objective-C object. By constructing a special memory structure and passing the pointer to the first argument an attacker may execute arbitrary code.
Patch Availability:
Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT3632
CVE Information:
CVE-2009-1719
Disclosure Timeline:
2009-01-26 - Vulnerability reported to vendor
2009-06-16 - Coordinated public release of advisory
|
|
|
|
|
