-
Bug
-
Resolution: Not an Issue
-
P2
-
7
-
x86
-
windows_xp
J2SE Version (please include all output from java -version flag):
All Java 7
Does this problem occur on J2SE 1.4.x, 1.5 or 6? Yes / No (pick one)
No
Operating System Configuration Information (be specific):
Windows Vista Business SP2
Hardware Configuration Information (be specific):
HP Pavillion dv9000
Windows Vista Business SP2 32 bit
3 GB RAM
Intel Core 2 Duo T9300
Bug Description:
Upgraded our firewall and can no longer download the JRE. We can download the JDK, but the JRE is stopped by the virus scanner on the firewall. This is not a problem with any JRE 6 release. This happens with any (and all) JRE 7 releases.
Attack ID: CPAI-2011-333
Last Update: 12-July-2011
Industry References: CVE-2011-1284
Supported Products: Security Gateway: R70, R71, R75
VPN-1 Power/UTM: NGX R65
VPN-1 Power VSX: NGX R65
Threat Description:
An elevation of privilege vulnerability has been reported in Windows CSRSS. Remote attackers can exploit this vulnerability to run arbitrary code in kernel mode.
The vulnerability is due to an integer overflow condition that could enable an attacker to execute code in the context of the system account. Successful exploitation of the vulnerability may lead to arbitrary code execution in kernel mode, resulting in complete control of an attacker over an affected system.
IPS Protection:
This protection will detect and block attempts to exploit this vulnerability.
Attack Detection:
Attack Name: Content Protection Violation
Attack Information: Microsoft Windows CSRSS SrvWriteConsoleOutput code execution (MS11-056)
Steps to Reproduce (be specific):
This happens whenever I try to download any JRE 7 version X86 or X64.
Interaction with the customer did not shed more light on the issue.
Roger Lewis' team will engage with the firewall vendor to see if they intended to block Java 7.
11/17/2011 Contacted Checkpoint Software Technologies Ltd.
Spoke to a person named "Givem", I explained to her the whole problem that the latest version of Checkpoint anti-virus signature file is rejecting JRE 7. She advised me that since Oracle does not have Checkpoint customer support agreement they would not be able to help me all together, and therfore could not open a case against this issue either. They highly recommended to have the user who was having issue, contacting checkpoint technical support department directly to resolve this issue.
Shak
All Java 7
Does this problem occur on J2SE 1.4.x, 1.5 or 6? Yes / No (pick one)
No
Operating System Configuration Information (be specific):
Windows Vista Business SP2
Hardware Configuration Information (be specific):
HP Pavillion dv9000
Windows Vista Business SP2 32 bit
3 GB RAM
Intel Core 2 Duo T9300
Bug Description:
Upgraded our firewall and can no longer download the JRE. We can download the JDK, but the JRE is stopped by the virus scanner on the firewall. This is not a problem with any JRE 6 release. This happens with any (and all) JRE 7 releases.
Attack ID: CPAI-2011-333
Last Update: 12-July-2011
Industry References: CVE-2011-1284
Supported Products: Security Gateway: R70, R71, R75
VPN-1 Power/UTM: NGX R65
VPN-1 Power VSX: NGX R65
Threat Description:
An elevation of privilege vulnerability has been reported in Windows CSRSS. Remote attackers can exploit this vulnerability to run arbitrary code in kernel mode.
The vulnerability is due to an integer overflow condition that could enable an attacker to execute code in the context of the system account. Successful exploitation of the vulnerability may lead to arbitrary code execution in kernel mode, resulting in complete control of an attacker over an affected system.
IPS Protection:
This protection will detect and block attempts to exploit this vulnerability.
Attack Detection:
Attack Name: Content Protection Violation
Attack Information: Microsoft Windows CSRSS SrvWriteConsoleOutput code execution (MS11-056)
Steps to Reproduce (be specific):
This happens whenever I try to download any JRE 7 version X86 or X64.
Interaction with the customer did not shed more light on the issue.
Roger Lewis' team will engage with the firewall vendor to see if they intended to block Java 7.
11/17/2011 Contacted Checkpoint Software Technologies Ltd.
Spoke to a person named "Givem", I explained to her the whole problem that the latest version of Checkpoint anti-virus signature file is rejecting JRE 7. She advised me that since Oracle does not have Checkpoint customer support agreement they would not be able to help me all together, and therfore could not open a case against this issue either. They highly recommended to have the user who was having issue, contacting checkpoint technical support department directly to resolve this issue.
Shak