Sun Java Micro Edition (ME) Multiple Unspecified Security-Bypass Vulnerabilities

Bugtraq ID:	30591
Class:	Access Validation Error
CVE:	CVE-2008-3553 CVE-2008-3551
Remote:	Yes
Local:	No
Published:	Aug 07 2008 12:00AM
Updated:	Jul 05 2016 09:38PM
Credit:	Security Explorations
Vulnerable:	Sun Java Wireless Toolkit 2.5.2 Sun Java 2 Micro Edition Nokia Series 40 0
Not Vulnerable:

Sun Java Micro Edition (ME) Multiple Unspecified Security-Bypass Vulnerabilities

Sun Java Micro Edition (ME) is prone to two unspecified vulnerabilities that can be leveraged to bypass Java security restrictions.

Successful exploits will completely compromise devices running the affected software.

We were not told which versions are affected. We will update this BID as more information emerges.

Sun Java Micro Edition (ME) Multiple Unspecified Security-Bypass Vulnerabilities

Proofs of concept are known to exist, but they have not been publicly disclosed at this time. We will update this BID as more information emerges.

Sun Java Micro Edition (ME) Multiple Unspecified Security-Bypass Vulnerabilities

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Sun Java Micro Edition (ME) Multiple Unspecified Security-Bypass Vulnerabilities

References:

• Java ME Homepage (Sun)
  
• [SE-2008-01] J2ME Security Vulnerabilities 2008 (Security Explorations )