ID CVE-2019-11772
Summary In Eclipse OpenJ9 prior to 0.15, the String.getBytes(int, int, byte[], int) method does not verify that the provided byte array is non-null nor that the provided index is in bounds when compiled by the JIT. This allows arbitrary writes to any 32-bit address or beyond the end of a byte array within Java code run under a SecurityManager.
References
Vulnerable Configurations
  • cpe:2.3:a:eclipse:openj9:0.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.0:milestone1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.0:milestone1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.8:*:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.8.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.8.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.8.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.8.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.8.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.8.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.9.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.9.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.9.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.9.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.9.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.9.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.10.0:*:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.10.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.10.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.10.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.10.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.10.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.10.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.11.0:*:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.11.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.11.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.11.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.11.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.11.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.11.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.12.0:*:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.12.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.12.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.12.0:milestone1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.12.0:milestone1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.12.0:milestone2:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.12.0:milestone2:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.12.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.12.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.12.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.12.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.13.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.13.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.13.0:milestone1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.13.0:milestone1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.13.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.13.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.14.0:-:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.14.0:-:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.14.0:milestone1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.14.0:milestone1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.14.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.14.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.14.1:*:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.14.2:*:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.14.2:*:*:*:*:*:*:*
  • cpe:2.3:a:eclipse:openj9:0.14.3:*:*:*:*:*:*:*
    cpe:2.3:a:eclipse:openj9:0.14.3:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 02-09-2019 - 10:15)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • rhsa
    id RHSA-2019:2585
  • rhsa
    id RHSA-2019:2590
  • rhsa
    id RHSA-2019:2592
  • rhsa
    id RHSA-2019:2737
rpms
  • java-1.8.0-ibm-1:1.8.0.5.40-1jpp.1.el7
  • java-1.8.0-ibm-demo-1:1.8.0.5.40-1jpp.1.el7
  • java-1.8.0-ibm-devel-1:1.8.0.5.40-1jpp.1.el7
  • java-1.8.0-ibm-jdbc-1:1.8.0.5.40-1jpp.1.el7
  • java-1.8.0-ibm-plugin-1:1.8.0.5.40-1jpp.1.el7
  • java-1.8.0-ibm-src-1:1.8.0.5.40-1jpp.1.el7
  • java-1.8.0-ibm-1:1.8.0.5.40-3.el8_0
  • java-1.8.0-ibm-demo-1:1.8.0.5.40-3.el8_0
  • java-1.8.0-ibm-devel-1:1.8.0.5.40-3.el8_0
  • java-1.8.0-ibm-headless-1:1.8.0.5.40-3.el8_0
  • java-1.8.0-ibm-jdbc-1:1.8.0.5.40-3.el8_0
  • java-1.8.0-ibm-plugin-1:1.8.0.5.40-3.el8_0
  • java-1.8.0-ibm-src-1:1.8.0.5.40-3.el8_0
  • java-1.8.0-ibm-webstart-1:1.8.0.5.40-3.el8_0
  • java-1.8.0-ibm-1:1.8.0.5.40-1jpp.1.el6_10
  • java-1.8.0-ibm-demo-1:1.8.0.5.40-1jpp.1.el6_10
  • java-1.8.0-ibm-devel-1:1.8.0.5.40-1jpp.1.el6_10
  • java-1.8.0-ibm-jdbc-1:1.8.0.5.40-1jpp.1.el6_10
  • java-1.8.0-ibm-plugin-1:1.8.0.5.40-1jpp.1.el6_10
  • java-1.8.0-ibm-src-1:1.8.0.5.40-1jpp.1.el6_10
  • java-1.8.0-ibm-1:1.8.0.5.40-1jpp.1.el6_10
  • java-1.8.0-ibm-devel-1:1.8.0.5.40-1jpp.1.el6_10
refmap via4
confirm https://bugs.eclipse.org/bugs/show_bug.cgi?id=549075
Last major update 02-09-2019 - 10:15
Published 17-07-2019 - 21:15
Last modified 02-09-2019 - 10:15
Back to Top