Oracle Java Font Processing Vulnerability (May 31, 2013)
Java is a general-purpose, concurrent, class-based, object-oriented computer programming language that is specifically designed to have as few implementation dependencies as possible. A Java virtual machine (JVM) is a program which executes certain other programs, namely those containing Java bytecode instructions. The JVM bundled together with a set of standard class libraries (that implement the Java API) form the Java Runtime Environment (JRE). The Java Development Kit (JDK) containsa full copy of the JRE, a Java compiler, and many other important development tools.
The most common form of Java used on the web is the Java Applet. Java applets can be used to parse various graphics files located on a remote host. One of the font formats processed by the JRE and JDK is the OpenType Font (OTF) format. A memory corruption vulnerability exists in Oracle JRE and JDK. Specifically, the vulnerability is due to insufficient validation while handling OpenType Font. A remote attacker can exploit this vulnerability by enticing a user to visit a webpage which contains a crafted Java applet. Successful exploitation could lead to arbitrary code execution in the security context of the logged-in user. The vulnerability has been assigned as CVE-2013-1491. Dell SonicWALL has released IPS signatures to detect and block specific exploitation attempts targeting this vulnerability. The signatures are listed below:- 9917 Oracle Java Font Processing Memory Corruption Vulnerability 1
- 9918 Oracle Java Font Processing Memory Corruption Vulnerability 2
- 9919 Oracle Java Font Processing Memory Corruption Vulnerability 3
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.
