VAR-200010-0136
Vulnerability from variot - Updated: 2023-12-18 12:14

The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier and the Microsoft virtual machine (VM) for MacOS allows a malicious web site operator to connect to arbitrary hosts using an HTTP redirection, in violation of the Java security model. The java.net.URLConnection function in Apple Mac OS Runtime Java (MRJ) does not enforce the applet security model. As a result, an applet can connect directly to any host, whereas it should only be able to connect to the host it originated from. Hiromitsu Takagi <takagi@etl.go.jp> illustrates the dangers of arbitrary host access in the following article: http://java-house.etl.go.jp/ml/archive/j-h-b/033470.html A malicious website operator could set up applets that download sensitive information in any data format, provided that the file name and path are known. Whether a system is vulnerable depends on the combination of MRJ and browser versions it is running. To check whether your machine is vulnerable, note which browser and MRJ versions you are running and visit the following URL: http://java-house.etl.go.jp/ml/archive/j-h-b/033471.html
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200010-0136",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mac os runtime for java",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "2.1"
},
{
"model": "mac os runtime for java",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.1"
},
{
"model": "pre",
"scope": "eq",
"trust": 0.3,
"vendor": "alexander clauss icab",
"version": "2.0"
}
],
"sources": [
{
"db": "BID",
"id": "1336"
},
{
"db": "NVD",
"id": "CVE-2000-0563"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-123"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:mac_os_runtime_for_java:*:*:java:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0563"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Original bug posted to Bugtraq by Ben Mesander \u003cbam@dimensional.com\u003e on April 16, 2000. Additional information provided by Hiromitsu Takagi \u003ctakagi@etl.go.jp\u003e on June 10, 2000.",
"sources": [
{
"db": "BID",
"id": "1336"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-123"
}
],
"trust": 0.9
},
"cve": "CVE-2000-0563",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-2140",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2000-0563",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200010-123",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-2140",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2140"
},
{
"db": "NVD",
"id": "CVE-2000-0563"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-123"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier and the Microsoft virtual machine (VM) for MacOS allows a malicious web site operator to connect to arbitrary hosts using an HTTP redirection, in violation of the Java security model. The java.net.URLConnection function in Apple Mac OS Runtime Java (MRJ) does not enforce the applet security model. As a result, an applet can connect directly to any host, whereas it should only be able to connect to the host it originated from. \nHiromitsu Takagi \u003ctakagi@etl.go.jp\u003e illustrates the dangers of arbitrary host access in the following article:\nhttp://java-house.etl.go.jp/ml/archive/j-h-b/033470.html\nA malicious website operator could set up applets that download sensitive information in any data format, provided that the file name and path are known. \nWhether a system is vulnerable depends on the combination of MRJ and browser versions it is running. To check whether your machine is vulnerable, note which browser and MRJ versions you are running and visit the following URL:\nhttp://java-house.etl.go.jp/ml/archive/j-h-b/033471.html",
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0563"
},
{
"db": "BID",
"id": "1336"
},
{
"db": "VULHUB",
"id": "VHN-2140"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-2140",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2140"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2000-0563",
"trust": 2.0
},
{
"db": "BID",
"id": "1336",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200010-123",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20000609 SECURITY HOLES FOUND IN URLCONNECTION OF MRJ AND IE OF MAC OS (WAS RE: REAPPEARANCE OF AN OLD IE SECURITY BUG)",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20000513 RE: REAPPEARANCE OF AN OLD IE SECURITY BUG",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-2140",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2140"
},
{
"db": "BID",
"id": "1336"
},
{
"db": "NVD",
"id": "CVE-2000-0563"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-123"
}
]
},
"id": "VAR-200010-0136",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-2140"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:14:10.928000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0563"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/1336"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0056.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026date=2000-05-8\u0026msg=391c95de2da.5e3btakagi%40java-house.etl.go.jp"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026date=2000-05-8\u0026msg=391c95de2da.5e3btakagi@java-house.etl.go.jp"
},
{
"trust": 0.3,
"url": "http://java-house.etl.go.jp/ml/archive/j-h-b/033470.html"
},
{
"trust": 0.3,
"url": "http://java-house.etl.go.jp/~takagi/java/test/urlconnection-direct/test.html"
},
{
"trust": 0.3,
"url": "http://java-house.etl.go.jp/ml/archive/j-h-b/033471.html"
},
{
"trust": 0.1,
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026amp;date=2000-05-8\u0026amp;msg=391c95de2da.5e3btakagi@java-house.etl.go.jp"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2140"
},
{
"db": "BID",
"id": "1336"
},
{
"db": "NVD",
"id": "CVE-2000-0563"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-123"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-2140"
},
{
"db": "BID",
"id": "1336"
},
{
"db": "NVD",
"id": "CVE-2000-0563"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-123"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2000-10-20T00:00:00",
"db": "VULHUB",
"id": "VHN-2140"
},
{
"date": "2000-06-10T00:00:00",
"db": "BID",
"id": "1336"
},
{
"date": "2000-10-20T04:00:00",
"db": "NVD",
"id": "CVE-2000-0563"
},
{
"date": "2000-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200010-123"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-2140"
},
{
"date": "2009-07-11T02:56:00",
"db": "BID",
"id": "1336"
},
{
"date": "2023-11-07T01:55:20.380000",
"db": "NVD",
"id": "CVE-2000-0563"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200010-123"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200010-123"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "java.net.URLConnection Branch program direct connection vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200010-123"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "1336"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-123"
}
],
"trust": 0.9
}
}