2007-05-22 02:30:00 2019-08-01 14:21:17

Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow.

Vector: NETWORK
Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL

Sun JDK 5.0 Update9, Sun JDK 5.0 Update8, Sun JDK 5.0 Update7, Sun JDK 1.5.0_6, Sun JDK 5.0 Update5, Sun JDK 5.0 Update4, Sun JDK 5.0 Update2, Sun JDK 5.0 Update3, Sun JDK 5.0 Update10, Sun JDK 5.0 Update1, Sun Jdk 1.5.0 - (not an official CPE), Sun Jdk 1.6.0 - (not an official CPE)

Sun Jre 1.3.1 - (not an official CPE), Sun JRE 1.3.1_2, Sun JRE 1.3.1_03, Sun JRE 1.3.1_04, Sun JRE 1.3.1_05, Sun JRE 1.3.1_06, Sun JRE 1.3.1_07, Sun JRE 1.3.1_08, Sun JRE 1.3.1_09, Sun JRE 1.3.1_10, Sun JRE 1.3.1_11, Sun JRE 1.3.1_12, Sun JRE 1.3.1_13, Sun JRE 1.3.1_14, Sun JRE 1.3.1_15, Sun JRE 1.3.1_16, Sun JRE 1.3.1_17, Sun JRE 1.3.1_18, Sun JRE 1.3.1_19, Sun JRE 1.3.1_20

Sun Jre 1.4.2 - (not an official CPE), Sun JRE 1.4.2_1, Sun JRE 1.4.2_2, Sun JRE 1.4.2_3, Sun JRE 1.4.2_4, Sun JRE 1.4.2_5, Sun JRE 1.4.2_6, Sun JRE 1.4.2_7, Sun JRE 1.4.2_8, Sun JRE 1.4.2_9, Sun JRE 1.4.2_10, Sun JRE 1.4.2_11, Sun JRE 1.4.2_12, Sun JRE 1.4.2_13, Sun JRE 1.4.2_14

Sun Jre 1.5.0 - (not an official CPE), Sun JRE 1.5.0_1 (JRE 5.0 Update 1), Sun JRE 1.5.0_10 (JRE 5.0 Update 10), Sun JRE 1.5.0_2 (JRE 5.0 Update 2), Sun JRE 1.5.0_3 (JRE 5.0 Update 3), Sun JRE 1.5.0_4 (JRE 5.0 Update 4), Sun JRE 1.5.0_5 (JRE 5.0 Update 5), Sun JRE 1.5.0_6 (JRE 5.0 Update 6), Sun JRE 1.5.0_7 (JRE 5.0 Update 7), Sun JRE 1.5.0_8 (JRE 5.0 Update 8), Sun JRE 1.5.0_9 (JRE 5.0 Update 9)

Sun Jre 1.6.0 - (not an official CPE)

Sun SDK 1.3.1, Sun SDK 1.3.1_01, Sun SDK 1.3.1_01a, Sun SDK 1.3.1_02, Sun SDK 1.3.1_03, Sun SDK 1.3.1_04, Sun SDK 1.3.1_05, Sun SDK 1.3.1_06, Sun SDK 1.3.1_07, Sun SDK 1.3.1_08, Sun SDK 1.3.1_09, Sun SDK 1.3.1_10, Sun SDK 1.3.1_11, Sun SDK 1.3.1_12, Sun SDK 1.3.1_13, Sun SDK 1.3.1_14, Sun SDK 1.3.1_15, Sun SDK 1.3.1_16, Sun SDK 1.3.1_17, Sun SDK 1.3.1_18, Sun SDK 1.3.1_19, Sun SDK 1.3.1_20

SDK 1.4.2, Sun SDK 1.4.2_1, Sun SDK 1.4.2_2, Sun SDK 1.4.2_3, Sun SDK 1.4.2_4, Sun SDK 1.4.2_5, Sun SDK 1.4.2_6, Sun SDK 1.4.2_7, Sun SDK 1.4.2_8, Sun SDK 1.4.2_9, Sun SDK 1.4.2_10, Sun SDK 1.4.2_11, Sun SDK 1.4.2_12, Sun SDK 1.4.2_13, Sun SDK 1.4.2_14