Oval Definition:oval:org.mitre.oval:def:22710
Revision Date:2014-05-26Version:36
Title:ELSA-2009:1236: java-1.5.0-ibm security update (Critical)
Description:Integer overflow in the unpack200 utility in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to a heap-based buffer overflow during decompression.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-2625
CVE-2009-2670
CVE-2009-2671
CVE-2009-2672
CVE-2009-2673
CVE-2009-2675
ELSA-2009:1236-01
Platform(s):Oracle Linux 5
Product(s):java-1.5.0-ibm
Definition Synopsis
  • Oracle Linux 5.x
  • AND rpm test
  • java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.10-1jpp.4.el5
  • OR java-1.5.0-ibm is earlier than 1:1.5.0.10-1jpp.4.el5
  • OR java-1.5.0-ibm-accessibility is earlier than 1:1.5.0.10-1jpp.4.el5
  • OR java-1.5.0-ibm-src is earlier than 1:1.5.0.10-1jpp.4.el5
  • OR java-1.5.0-ibm-plugin is earlier than 1:1.5.0.10-1jpp.4.el5
  • OR java-1.5.0-ibm-devel is earlier than 1:1.5.0.10-1jpp.4.el5
  • OR java-1.5.0-ibm-demo is earlier than 1:1.5.0.10-1jpp.4.el5
  • OR java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.10-1jpp.4.el5
  • BACK