CVE-2009-1097
25.03.2009, 23:30
Multiple buffer overflows in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via (1) a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen, aka CR 6804996; and (2) a crafted GIF image from which unspecified values are used in calculation of offsets, leading to object-pointer corruption, aka CR 6804997.Enginsight
| Vendor | Product | Version |
|---|---|---|
| sun | jdk | 𝑥 ≤ 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jre | 𝑥 ≤ 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| openjdk-6 |
| ||||||||||||||||
| sun-java5 |
| ||||||||||||||||
| sun-java6 |
|
Common Weakness Enumeration
References