Oval Definition:oval:org.mitre.oval:def:11700
Revision Date:2010-09-06
Version:6
Title:Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow.
Description:Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow.
Family:unix
Class:vulnerability
Status:ACCEPTED
Reference(s):CVE-2007-2788
Platform(s):Red Hat Enterprise Linux Extras 3
Red Hat Enterprise Linux Extras 4
Red Hat Enterprise Linux Extras 5
Product(s):
Definition Synopsis
  • AND
  • redhat-release is version 3
  • java-1.4.2-ibm-devel is earlier than 0:1.4.2.9-1jpp.1.el3
  • OR java-1.4.2-ibm is earlier than 0:1.4.2.9-1jpp.1.el3
  • OR java-1.4.2-bea is earlier than 0:1.4.2.16-1jpp.1.el3
  • OR java-1.4.2-ibm-src is earlier than 0:1.4.2.9-1jpp.1.el3
  • OR java-1.4.2-bea-devel is earlier than 0:1.4.2.16-1jpp.1.el3
  • OR java-1.4.2-bea-jdbc is earlier than 0:1.4.2.16-1jpp.1.el3
  • OR java-1.4.2-ibm-plugin is earlier than 0:1.4.2.9-1jpp.1.el3
  • OR java-1.4.2-ibm-jdbc is earlier than 0:1.4.2.9-1jpp.1.el3
  • OR java-1.4.2-ibm-demo is earlier than 0:1.4.2.9-1jpp.1.el3
  • OR
  • redhat-release is version 4
  • java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.5-1jpp.2.el4
  • OR java-1.5.0-ibm-devel is earlier than 1:1.5.0.5-1jpp.2.el4
  • OR java-1.4.2-ibm-devel is earlier than 0:1.4.2.9-1jpp.1.el4
  • OR java-1.4.2-bea is earlier than 0:1.4.2.16-1jpp.1.el4
  • OR java-1.4.2-ibm-src is earlier than 0:1.4.2.9-1jpp.1.el4
  • OR java-1.4.2-bea-devel is earlier than 0:1.4.2.16-1jpp.1.el4
  • OR java-1.4.2-bea-jdbc is earlier than 0:1.4.2.16-1jpp.1.el4
  • OR java-1.4.2-ibm-plugin is earlier than 0:1.4.2.9-1jpp.1.el4
  • OR java-1.5.0-ibm-plugin is earlier than 1:1.5.0.5-1jpp.2.el4
  • OR java-1.5.0-bea-jdbc is earlier than 0:1.5.0.11-1jpp.2.el4
  • OR java-1.4.2-ibm-demo is earlier than 0:1.4.2.9-1jpp.1.el4
  • OR java-1.5.0-bea is earlier than 0:1.5.0.11-1jpp.2.el4
  • OR java-1.5.0-ibm-src is earlier than 1:1.5.0.5-1jpp.2.el4
  • OR java-1.5.0-ibm-demo is earlier than 1:1.5.0.5-1jpp.2.el4
  • OR java-1.4.2-ibm is earlier than 0:1.4.2.9-1jpp.1.el4
  • OR java-1.4.2-ibm-javacomm is earlier than 0:1.4.2.9-1jpp.1.el4
  • OR java-1.5.0-bea-src is earlier than 0:1.5.0.11-1jpp.2.el4
  • OR java-1.5.0-bea-demo is earlier than 0:1.5.0.11-1jpp.2.el4
  • OR java-1.5.0-ibm is earlier than 1:1.5.0.5-1jpp.2.el4
  • OR java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.5-1jpp.2.el4
  • OR java-1.4.2-ibm-jdbc is earlier than 0:1.4.2.9-1jpp.1.el4
  • OR java-1.5.0-bea-devel is earlier than 0:1.5.0.11-1jpp.2.el4
  • OR
  • redhat-release is version 5
  • java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.5-1jpp.0.1.el5
  • OR java-1.5.0-ibm-devel is earlier than 1:1.5.0.5-1jpp.0.1.el5
  • OR java-1.4.2-bea-missioncontrol is earlier than 0:1.4.2.16-1jpp.1.el5
  • OR java-1.4.2-ibm-devel is earlier than 0:1.4.2.9-1jpp.1.el5
  • OR java-1.4.2-bea is earlier than 0:1.4.2.16-1jpp.1.el5
  • OR java-1.4.2-ibm-src is earlier than 0:1.4.2.9-1jpp.1.el5
  • OR java-1.4.2-bea-devel is earlier than 0:1.4.2.16-1jpp.1.el5
  • OR java-1.4.2-bea-jdbc is earlier than 0:1.4.2.16-1jpp.1.el5
  • OR java-1.4.2-ibm-plugin is earlier than 0:1.4.2.9-1jpp.1.el5
  • OR java-1.5.0-ibm-plugin is earlier than 1:1.5.0.5-1jpp.0.1.el5
  • OR java-1.5.0-bea-jdbc is earlier than 0:1.5.0.11-1jpp.1.el5
  • OR java-1.4.2-ibm-demo is earlier than 0:1.4.2.9-1jpp.1.el5
  • OR java-1.5.0-bea is earlier than 0:1.5.0.11-1jpp.1.el5
  • OR java-1.4.2-bea-demo is earlier than 0:1.4.2.16-1jpp.1.el5
  • OR java-1.5.0-ibm-src is earlier than 1:1.5.0.5-1jpp.0.1.el5
  • OR java-1.5.0-ibm-demo is earlier than 1:1.5.0.5-1jpp.0.1.el5
  • OR java-1.4.2-ibm is earlier than 0:1.4.2.9-1jpp.1.el5
  • OR java-1.5.0-bea-src is earlier than 0:1.5.0.11-1jpp.1.el5
  • OR java-1.5.0-bea-missioncontrol is earlier than 0:1.5.0.11-1jpp.1.el5
  • OR java-1.4.2-ibm-javacomm is earlier than 0:1.4.2.9-1jpp.1.el5
  • OR java-1.5.0-ibm is earlier than 1:1.5.0.5-1jpp.0.1.el5
  • OR java-1.5.0-bea-demo is earlier than 0:1.5.0.11-1jpp.1.el5
  • OR java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.5-1jpp.0.1.el5
  • OR java-1.4.2-ibm-jdbc is earlier than 0:1.4.2.9-1jpp.1.el5
  • OR java-1.5.0-bea-devel is earlier than 0:1.5.0.11-1jpp.1.el5
  • OR java-1.4.2-bea-src is earlier than 0:1.4.2.16-1jpp.1.el5