FKIE_CVE-2019-11772

Vulnerability from fkie_nvd - Published: 2019-07-17 21:15 - Updated: 2024-11-21 04:21
Severity ?
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In Eclipse OpenJ9 prior to 0.15, the String.getBytes(int, int, byte[], int) method does not verify that the provided byte array is non-null nor that the provided index is in bounds when compiled by the JIT. This allows arbitrary writes to any 32-bit address or beyond the end of a byte array within Java code run under a SecurityManager.
References
emo@eclipse.orghttps://access.redhat.com/errata/RHSA-2019:2585
emo@eclipse.orghttps://access.redhat.com/errata/RHSA-2019:2590
emo@eclipse.orghttps://access.redhat.com/errata/RHSA-2019:2592
emo@eclipse.orghttps://access.redhat.com/errata/RHSA-2019:2737
emo@eclipse.orghttps://bugs.eclipse.org/bugs/show_bug.cgi?id=549075Permissions Required, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2019:2585
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2019:2590
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2019:2592
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2019:2737
af854a3a-2127-422b-91ae-364da2661108https://bugs.eclipse.org/bugs/show_bug.cgi?id=549075Permissions Required, Vendor Advisory
Impacted products
Vendor Product Version
eclipse openj9 *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:eclipse:openj9:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8216721A-F120-418A-9E13-19A1D8DF1BAD",
              "versionEndExcluding": "0.15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In Eclipse OpenJ9 prior to 0.15, the String.getBytes(int, int, byte[], int) method does not verify that the provided byte array is non-null nor that the provided index is in bounds when compiled by the JIT. This allows arbitrary writes to any 32-bit address or beyond the end of a byte array within Java code run under a SecurityManager."
    },
    {
      "lang": "es",
      "value": "En OpenJ9 anterior a versi\u00f3n 0.15 de Eclipse, el m\u00e9todo String.getBytes (int, int, byte[], int) no comprueba que la matriz de bytes proporcionada no sea nula ni que el \u00edndice suministrado est\u00e9 dentro de los l\u00edmites cuando est\u00e1 compilado por el JIT. Esto permite escrituras arbitrarias en cualquier direcci\u00f3n de 32 bits o m\u00e1s all\u00e1 del final de una matriz de bytes dentro del c\u00f3digo Java ejecutado bajo un SecurityManager."
    }
  ],
  "id": "CVE-2019-11772",
  "lastModified": "2024-11-21T04:21:45.817",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-07-17T21:15:11.407",
  "references": [
    {
      "source": "emo@eclipse.org",
      "url": "https://access.redhat.com/errata/RHSA-2019:2585"
    },
    {
      "source": "emo@eclipse.org",
      "url": "https://access.redhat.com/errata/RHSA-2019:2590"
    },
    {
      "source": "emo@eclipse.org",
      "url": "https://access.redhat.com/errata/RHSA-2019:2592"
    },
    {
      "source": "emo@eclipse.org",
      "url": "https://access.redhat.com/errata/RHSA-2019:2737"
    },
    {
      "source": "emo@eclipse.org",
      "tags": [
        "Permissions Required",
        "Vendor Advisory"
      ],
      "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=549075"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2019:2585"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2019:2590"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2019:2592"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2019:2737"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Vendor Advisory"
      ],
      "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=549075"
    }
  ],
  "sourceIdentifier": "emo@eclipse.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "emo@eclipse.org",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.