fkie_cve-2009-1097
Vulnerability from fkie_nvd
Published
2009-03-25 23:30
Modified
2024-11-21 01:01
Severity ?
Summary
Multiple buffer overflows in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via (1) a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen, aka CR 6804996; and (2) a crafted GIF image from which unspecified values are used in calculation of offsets, leading to object-pointer corruption, aka CR 6804997.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | jdk | * | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jre | * | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:*:update_12:*:*:*:*:*:*",
"matchCriteriaId": "8C826CA0-A25F-4A10-BD9E-791372BF8F06",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "722A93D8-B5BC-42F3-92A2-E424F61269A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "775F2611-F11C-4B84-8F40-0D034B81BF18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "D98175BF-B084-4FA5-899D-9E80DC3923EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "820632CE-F8DF-47EE-B716-7530E60008B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "FA2BD0A3-7B2D-447B-ABAC-7B867B03B632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "D54AB785-E9B7-47BD-B756-0C3A629D67DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "E9412098-0353-4F7B-9245-010557E6C651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "AD30DAEB-4893-41CF-A455-B69C463B9337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*",
"matchCriteriaId": "21D6CE7E-A036-496C-8E08-A87F62B5290A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:*:update_12:*:*:*:*:*:*",
"matchCriteriaId": "1F38BA27-0EBC-47EC-99BF-A018E0BB0D53",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCD143C-057D-4F42-B487-46801E14ACF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "09027C19-D442-446F-B7A8-21DB6787CF43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "0A0FEC28-0707-4F42-9740-78F3D2D551EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "C3C5879A-A608-4230-9DC1-C27F0F48A13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "7158D2C0-E9AC-4CD6-B777-EA7B7A181997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "90EC6C13-4B37-48E5-8199-A702A944D5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "2528152C-E20A-4D97-931C-A5EC3CEAA06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "A99DAB4C-272B-4C91-BC70-7729E1152590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "30DFC10A-A4D9-4F89-B17C-AB9260087D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "272A5C44-18EC-41A9-8233-E9D4D0734EA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via (1) a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen, aka CR 6804996; and (2) a crafted GIF image from which unspecified values are used in calculation of offsets, leading to object-pointer corruption, aka CR 6804997."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en Java SE Development Kit (JDK) y Java Runtime Environment (JRE) versi\u00f3n 6 Update 12 y anteriores, permiten a los atacantes remotos acceder a archivos o ejecutar c\u00f3digo arbitrario por medio de (1) una imagen PNG dise\u00f1ada que desencadena un desbordamiento de enteros durante la asignaci\u00f3n de memoria para su visualizaci\u00f3n en la pantalla de presentaci\u00f3n, tambi\u00e9n se conoce como CR 6804996; y (2) una imagen GIF dise\u00f1ada a partir de la cual se utilizan valores no especificados en el c\u00e1lculo de desplazamientos, conllevando a una corrupci\u00f3n de puntero de objeto, tambi\u00e9n se conoce como CR 6804997."
}
],
"id": "CVE-2009-1097",
"lastModified": "2024-11-21T01:01:41.237",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-03-25T23:30:00.297",
"references": [
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01745133"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01745133"
},
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=779"
},
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=780"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00003.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=124344236532162\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34489"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34496"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34632"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34675"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35156"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35223"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35255"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35776"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36185"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37386"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37460"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-254571-1"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2009/dsa-1769"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0392.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1038.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34240"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021913"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-748-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1426"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3316"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49475"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11241"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6288"
},
{
"source": "cve@mitre.org",
"url": "https://rhn.redhat.com/errata/RHSA-2009-0377.html"
},
{
"source": "cve@mitre.org",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1198.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01745133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01745133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=779"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=780"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=124344236532162\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34489"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34632"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35156"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35776"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-254571-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2009/dsa-1769"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0392.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-748-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49475"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6288"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://rhn.redhat.com/errata/RHSA-2009-0377.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1198.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.