Vulnerability CVE-2006-0616 - CERT Civis.Net

Vulnerability Name:

CVE-2006-0616 (CCN-24561)

Assigned:

2006-02-07

Published:

2006-02-07

Updated:

2017-07-20

Summary:

Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 4 and earlier allows remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fourth issue."

CVSS v3 Severity:

5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

4.0 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N)
3.0 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2006-0614

Source: MITRE
Type: CNA
CVE-2006-0615

Source: MITRE
Type: CNA
CVE-2006-0616

Source: MITRE
Type: CNA
CVE-2006-0617

Source: CCN
Type: APPLE-SA-2006-04-18 J2SE 5.0 Release 4
About the security content of J2SE 5.0 Release 4

Source: CONFIRM
Type: UNKNOWN
http://docs.info.apple.com/article.html?artnum=303658

Source: CCN
Type: SA18760
Sun Java JRE "reflection" APIs Sandbox Security Bypass Vulnerabilities

Source: SECUNIA
Type: Patch, Vendor Advisory
18760

Source: SECUNIA
Type: UNKNOWN
18884

Source: CCN
Type: SECTRACK ID: 1015596
Sun Java Runtime Environment (JRE) Reflection API Multiple Bugs Let Applets Gain Elevated Privileges

Source: SECTRACK
Type: UNKNOWN
1015596

Source: CCN
Type: Sun Alert ID: 102171
Security Vulnerabilities in the Java Runtime Environment may Allow an Untrusted Applet to Elevate its Privileges

Source: SUNALERT
Type: Patch, Vendor Advisory
102171

Source: CCN
Type: GLSA-200602-07
Sun JDK/JRE: Applet privilege escalation

Source: GENTOO
Type: UNKNOWN
GLSA-200602-07

Source: CCN
Type: US-CERT VU#759996
Sun Java Reflection API security bypass vulnerabilities

Source: CERT-VN
Type: US Government Resource
VU#759996

Source: CCN
Type: OSVDB ID: 23091
Sun Java JRE Unspecified reflection API Privilege Escalation (6277246)

Source: CCN
Type: OSVDB ID: 23092
Sun Java JRE Unspecified reflection API Privilege Escalation (6316316)

Source: CCN
Type: OSVDB ID: 23093
Sun Java JRE Unspecified reflection API Privilege Escalation (6316314)

Source: CCN
Type: OSVDB ID: 23094
Sun Java JRE Unspecified reflection API Privilege Escalation (6316322)

Source: CCN
Type: OSVDB ID: 23095
Sun Java JRE Unspecified reflection API Privilege Escalation (6343309)

Source: CCN
Type: OSVDB ID: 23096
Sun Java JRE Unspecified reflection API Privilege Escalation (6343350)

Source: CCN
Type: OSVDB ID: 23097
Sun Java JRE Unspecified reflection API Privilege Escalation (6343342)

Source: CCN
Type: TLSA-2006-4
Multiple vulnerabilities exist in Java

Source: VUPEN
Type: UNKNOWN
ADV-2006-0467

Source: VUPEN
Type: UNKNOWN
ADV-2006-0828

Source: VUPEN
Type: UNKNOWN
ADV-2006-1398

Source: XF
Type: UNKNOWN
sun-jre-reflection-privilege-elevation(24561)

Source: XF
Type: UNKNOWN
sun-jre-reflection-privilege-elevation(24561)

Vulnerable Configuration:

Configuration 1:

cpe:/a:sun:jdk:*:update4:*:*:*:*:*:* (Version <= 1.5.0)

OR cpe:/a:sun:jre:*:update4:*:*:*:*:*:* (Version <= 1.5.0)

Configuration CCN 1:

cpe:/a:sun:jre:1.3.1:-:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.4.2:-:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:-:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2:*:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update3:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:-:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update1:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update2:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update3:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update4:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update5:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.3.1:update1:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.3.1:update15:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.3.1:update16:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.3.1:update1a:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.3.1:update4:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.3.1:update8:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.4.2:update1:linux:*:*:*:*:*

OR cpe:/a:sun:jre:1.4.2:update2:linux:*:*:*:*:*

OR cpe:/a:sun:jre:1.4.2:update3:linux:*:*:*:*:*

OR cpe:/a:sun:jre:1.4.2:update4:linux:*:*:*:*:*

OR cpe:/a:sun:jre:1.4.2:update5:linux:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update1:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update2:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update4:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update5:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.3.1_01:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.3.1_01a:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.3.1_16:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_03:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_08:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_09:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_04:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_02:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_05:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_06:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_07:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.4.2_01:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.3.1_02:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.3.1_04:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.3.1_05:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.3.1_06:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.3.1_07:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.3.1_08:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.3.1_09:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.3.1_10:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.3.1_11:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.3.1_12:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.3.1_13:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.3.1_14:*:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.3.1_15:*:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.3.1:update2:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.3.1:update12:*:*:*:*:*:*

OR cpe:/a:sun:sdk:1.3.1_03:*:*:*:*:*:*:*

AND

cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*

Denotes that component is vulnerable