|
[Japanese]
|
JVNDB-2020-000011
|
HtmlUnit vulenerable to arbitrary code execution
|
|
HtmlUnit is a Java-based library which provides web browser functionality to Java programs, and it supports JavaScript evaluation with embedded Mozilla Rhino engine.
Mozilla Rhino engine offers a feature to make Java objects available from JavaScript.
HtmlUnit initializes Rhino engine improperly, hence a malicious JavScript code can execute arbitrary Java code on the application(CWE-284).
Moreover, when embedded in Android application, Android-specific initialization of Rhino engine is done in an improper way, hence a malicious JavaScript code can execute arbitrary Java code on the application.
ICHIHARA Ryohei of DMM.com LLC reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
|
|
CVSS V3 Severity:
Base Metrics 5.6 (Medium) [IPA Score]
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: Low
CVSS V2 Severity:
Base Metrics 5.1 (Medium) [IPA Score]
- Access Vector: Network
- Access Complexity: High
- Authentication: None
- Confidentiality Impact: Partial
- Integrity Impact: Partial
- Availability Impact: Partial
|
|
|
HtmlUnit
|
|
|
Through man-in-the-middle attack or in some other way, an attacker may lead the target application to evaluate malicious JavaScript code, which executes arbitrary Java code.
|
|
[Update the Software]
Update to the latest version according to the information provided by the developer.
|
|
HtmlUnit
|
|
- Permissions(CWE-264) [IPA Evaluation]
|
|
- CVE-2020-5529
|
|
- JVN : JVN#34535327
|
|
- [2020/02/10]
Web page was published
|
