Vulnerability Name: | CVE-2009-1097 (CCN-49474) | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Assigned: | 2009-03-24 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Published: | 2009-03-24 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Updated: | 2018-10-10 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Summary: | Multiple buffer overflows in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via (1) a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen, aka CR 6804996; and (2) a crafted GIF image from which unspecified values are used in calculation of offsets, leading to object-pointer corruption, aka CR 6804997. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C) 6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Vulnerability Type: | CWE-119 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2009-1097 Source: HP Type: UNKNOWN SSRT090058 Source: CCN Type: HP Security Bulletin HPSBMA02445 SSRT090058 rev.1 HP Serviceguard Manager, Remote Execution of Arbitrary Code, Denial of Service (DoS) Source: IDEFENSE Type: UNKNOWN 20090326 Sun Java Runtine Environment (JRE) GIF Decoding Heap Corruption Vulnerability Source: IDEFENSE Type: UNKNOWN 20090326 Sun Java Web Start (JWS ) PNG Decoding Integer Overflow Vulnerability Source: SUSE Type: UNKNOWN SUSE-SA:2009:016 Source: SUSE Type: UNKNOWN SUSE-SA:2009:029 Source: SUSE Type: UNKNOWN SUSE-SA:2009:036 Source: HP Type: UNKNOWN HPSBUX02429 Source: CCN Type: RHSA-2009-0377 Important: java-1.6.0-openjdk security update Source: CCN Type: RHSA-2009-0392 Critical: java-1.6.0-sun security update Source: CCN Type: RHSA-2009-1038 Critical: java-1.5.0-ibm security update Source: CCN Type: RHSA-2009-1198 Critical: java-1.6.0-ibm security update Source: CCN Type: RHSA-2010-0043 Low: Red Hat Network Satellite Server IBM Java Runtime security update Source: SECUNIA Type: Vendor Advisory 34489 Source: SECUNIA Type: Vendor Advisory 34496 Source: SECUNIA Type: Vendor Advisory 34632 Source: SECUNIA Type: Vendor Advisory 34675 Source: SECUNIA Type: Vendor Advisory 35156 Source: SECUNIA Type: Vendor Advisory 35223 Source: SECUNIA Type: Vendor Advisory 35255 Source: CCN Type: SA35776 Oracle Products Multiple Vulnerabilities Source: SECUNIA Type: Vendor Advisory 35776 Source: SECUNIA Type: Vendor Advisory 36185 Source: SECUNIA Type: Vendor Advisory 37386 Source: CCN Type: SA37460 VMware Products Update for Multiple Packages Source: SECUNIA Type: Vendor Advisory 37460 Source: GENTOO Type: UNKNOWN GLSA-200911-02 Source: CCN Type: SECTRACK ID: 1021913 Java Runtime Environment (JRE) Buffer Overflow in Processing Image Files and Fonts Lets Remote Users Gain Privileges on the Target System Source: SUNALERT Type: Patch, Vendor Advisory 254571 Source: CCN Type: Sun Alert ID: 254571 Buffer Overflow Vulnerabilities in the Java Runtime Environment (JRE) with Processing Image Files and Fonts may Allow Privileges to be Escalated Source: CONFIRM Type: UNKNOWN http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm Source: CCN Type: ASA-2009-108 java-1.6.0-sun security update (RHSA-2009-0392) Source: CCN Type: ASA-2009-121 Buffer Overflow Vulnerabilities in the Java Runtime Environment (JRE) with Processing Image Files and Fonts may Allow Privileges to be Escalated (Sun 254571) Source: CCN Type: ASA-2009-182 java-1.5.0-ibm security update (RHSA-2009-1038) Source: CCN Type: NORTEL BULLETIN ID: 2009009464, Rev 1 Nortel Response to Multiple Sun Java SE Vulnerabilities: Source: DEBIAN Type: UNKNOWN DSA-1769 Source: DEBIAN Type: DSA-1769 openjdk-6 -- several vulnerabilities Source: MANDRIVA Type: UNKNOWN MDVSA-2009:137 Source: MANDRIVA Type: UNKNOWN MDVSA-2009:162 Source: CONFIRM Type: UNKNOWN http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html Source: REDHAT Type: UNKNOWN RHSA-2009:0392 Source: REDHAT Type: UNKNOWN RHSA-2009:1038 Source: BUGTRAQ Type: UNKNOWN 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components Source: BID Type: UNKNOWN 34240 Source: CCN Type: BID-34240 Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities Source: SECTRACK Type: UNKNOWN 1021913 Source: CCN Type: USN-748-1 OpenJDK vulnerabilities Source: UBUNTU Type: UNKNOWN USN-748-1 Source: CONFIRM Type: UNKNOWN http://www.vmware.com/security/advisories/VMSA-2009-0016.html Source: VUPEN Type: Vendor Advisory ADV-2009-1426 Source: VUPEN Type: Vendor Advisory ADV-2009-3316 Source: XF Type: UNKNOWN jre-png-bo(49474) Source: XF Type: UNKNOWN jre-gif-file-bo(49475) Source: CCN Type: iDefense PUBLIC ADVISORY: 03.26.09 Sun Java Web Start (JWS ) PNG Decoding Integer Overflow Vulnerability Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:11241 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:6288 Source: REDHAT Type: UNKNOWN RHSA-2009:0377 Source: REDHAT Type: UNKNOWN RHSA-2009:1198 Source: SUSE Type: SUSE-SA:2009:016 Sun Java Security Update Source: SUSE Type: SUSE-SA:2009:036 IBM Java 6 SR 5 update | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration RedHat 1: Configuration RedHat 2: Configuration RedHat 3: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Vulnerability Name: | CVE-2009-1097 (CCN-49476) | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Assigned: | 2009-03-25 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Published: | 2009-03-25 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Updated: | 2018-10-10 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Summary: | Multiple buffer overflows in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via (1) a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen, aka CR 6804996; and (2) a crafted GIF image from which unspecified values are used in calculation of offsets, leading to object-pointer corruption, aka CR 6804997. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C) 6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Vulnerability Type: | CWE-119 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2009-1097 Source: CCN Type: HP Security Bulletin HPSBMA02445 SSRT090058 rev.1 HP Serviceguard Manager, Remote Execution of Arbitrary Code, Denial of Service (DoS) Source: CCN Type: RHSA-2009-0377 Important: java-1.6.0-openjdk security update Source: CCN Type: RHSA-2009-0392 Critical: java-1.6.0-sun security update Source: CCN Type: RHSA-2009-1038 Critical: java-1.5.0-ibm security update Source: CCN Type: RHSA-2009-1198 Critical: java-1.6.0-ibm security update Source: CCN Type: RHSA-2010-0043 Low: Red Hat Network Satellite Server IBM Java Runtime security update Source: CCN Type: SA35776 Oracle Products Multiple Vulnerabilities Source: CCN Type: SA37460 VMware Products Update for Multiple Packages Source: CCN Type: SECTRACK ID: 1021913 Java Runtime Environment (JRE) Buffer Overflow in Processing Image Files and Fonts Lets Remote Users Gain Privileges on the Target System Source: CCN Type: Sun Alert ID: 254571 Buffer Overflow Vulnerabilities in the Java Runtime Environment (JRE) with Processing Image Files and Fonts may Allow Privileges to be Escalated Source: CCN Type: ASA-2009-108 java-1.6.0-sun security update (RHSA-2009-0392) Source: CCN Type: ASA-2009-121 Buffer Overflow Vulnerabilities in the Java Runtime Environment (JRE) with Processing Image Files and Fonts may Allow Privileges to be Escalated (Sun 254571) Source: CCN Type: ASA-2009-182 java-1.5.0-ibm security update (RHSA-2009-1038) Source: CCN Type: NORTEL BULLETIN ID: 2009009464, Rev 1 Nortel Response to Multiple Sun Java SE Vulnerabilities: Source: DEBIAN Type: DSA-1769 openjdk-6 -- several vulnerabilities Source: CCN Type: BID-34240 Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities Source: CCN Type: USN-748-1 OpenJDK vulnerabilities Source: XF Type: UNKNOWN jws-gif-bo(49476) Source: CCN Type: iDefense PUBLIC ADVISORY: 03.26.09 Sun Java Web Start (JWS) GIF Decoding Heap Corruption Vulnerability Source: SUSE Type: SUSE-SA:2009:016 Sun Java Security Update Source: SUSE Type: SUSE-SA:2009:036 IBM Java 6 SR 5 update | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Vulnerable Configuration: | Configuration RedHat 1: Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
BACK |