2009-11-05 17:30:00 2018-10-30 17:25:14

Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE
Sun SDK 1.4.2_19 Sun SDK1.4.2_18 Sun SDK1.4.2_17 Sun SDK 1.4.2_16 Sun SDK 1.4.2_15 Sun SDK 1.4.2_14 Sun SDK 1.4.2_13 Sun SDK 1.4.2_12 Sun SDK 1.4.2_11 Sun SDK 1.4.2_10 Sun SDK 1.4.2_9 Sun SDK 1.4.2_8 Sun SDK 1.4.2_7 Sun SDK 1.4.2_6 Sun SDK 1.4.2_5 Sun SDK 1.4.2_4 Sun SDK 1.4.2_3 Sun SDK 1.4.2_2 Sun SDK 1.4.2_1 Sun SDK 1.3.1_25 Sun SDK 1.3.1_24 Sun SDK 1.3.1_23 Sun SDK 1.3.1_22 Sun SDK 1.3.1_21 Sun SDK 1.3.1_20 Sun SDK 1.3.1_19 Sun SDK 1.3.1_18 Sun SDK 1.3.1_17 Sun SDK 1.3.1_16 Sun SDK 1.3.1_15 Sun SDK 1.3.1_14 Sun SDK 1.3.1_13 Sun SDK 1.3.1_12 Sun SDK 1.3.1_11 Sun SDK 1.3.1_10 Sun Sdk 1.3.1 9 (not an official CPE) Sun Sdk 1.3.1 8 (not an official CPE) Sun Sdk 1.3.1 7 (not an official CPE) Sun SDK 1.3.1_06 Sun SDK 1.3.1_05 Sun SDK 1.3.1_04 Sun SDK 1.3.1_03 Sun SDK 1.3.1_02 Sun SDK 1.3.1_01a Sun SDK 1.3.1_01 Sun JRE 1.6.0 Update 9 Sun Jre 1.6.0 Update 8 (not an official CPE) Sun JRE 1.6.0 Update 7 Sun JRE 1.6.0 Update 6 Sun JRE 1.6.0 Update 5 Sun JRE 1.6.0 Update 4 Sun JRE 1.6.0 Update 3 Sun JRE 1.6.0 Update 2 Sun JRE 1.6.0 Update 16 Sun JRE 1.6.0 Update 15 Sun JRE 1.6.0 Update 14 Sun JRE 1.6.0 Update 13 Sun JRE 1.6.0 Update 12 Sun JRE 1.6.0 Update 11 Sun JRE 1.6.0 Update 10 Sun JRE 1.6.0 Update 1 Sun Jre 1.5.0 Update 9 (not an official CPE) Sun Jre 1.5.0 Update 8 (not an official CPE) Sun Jre 1.5.0 Update 7 (not an official CPE) Sun Jre 1.5.0 Update 6 (not an official CPE) Sun Jre 1.5.0 Update 5 (not an official CPE) Sun Jre 1.5.0 Update 4 (not an official CPE) Sun Jre 1.5.0 Update 3 (not an official CPE) Sun Jre 1.5.0 Update 21 (not an official CPE) Sun Jre 1.5.0 Update 20 (not an official CPE) Sun Jre 1.5.0 Update 2 (not an official CPE) Sun Jre 1.5.0 Update 19 (not an official CPE) Sun Jre 1.5.0 Update 18 (not an official CPE) Sun Jre 1.5.0 Update 17 (not an official CPE) Sun Jre 1.5.0 Update 16 (not an official CPE) Sun Jre 1.5.0 Update 15 (not an official CPE) Sun Jre 1.5.0 Update 14 (not an official CPE) Sun Jre 1.5.0 Update 13 (not an official CPE) Sun Jre 1.5.0 Update 12 (not an official CPE) Sun Jre 1.5.0 Update 11 (not an official CPE) Sun Jre 1.5.0 Update 1 (not an official CPE) Sun JRE 1.4.2_22 Sun JRE 1.4.2_21 Sun JRE 1.4.2_20 Sun JRE 1.4.2_19 Sun JRE 1.4.2_18 Sun JRE 1.4.2_17 Sun JRE 1.4.2_16 Sun JRE 1.4.2_15 Sun JRE 1.4.2_14 Sun JRE 1.4.2_13 Sun JRE 1.4.2_12 Sun JRE 1.4.2_11 Sun JRE 1.4.2_10 Sun JRE 1.4.2_9 Sun JRE 1.4.2_8 Sun JRE 1.4.2_7 Sun JRE 1.4.2_6 Sun JRE 1.4.2_5 Sun JRE 1.4.2_4 Sun JRE 1.4.2_3 Sun JRE 1.4.2_2 Sun JRE 1.4.2_1 Sun JRE 1.3.1_25 Sun JRE 1.3.1_24 Sun JRE 1.3.1_23 Sun JRE 1.3.1_22 Sun JRE 1.3.1_21 Sun JRE 1.3.1_20 Sun JRE 1.3.1_19 Sun JRE 1.3.1_18 Sun JRE 1.3.1_17 Sun JRE 1.3.1_16 Sun JRE 1.3.1_15 Sun JRE 1.3.1_14 Sun JRE 1.3.1_13 Sun JRE 1.3.1_12 Sun JRE 1.3.1_11 Sun JRE 1.3.1_10 Sun JRE 1.3.1_09 Sun JRE 1.3.1_08 Sun JRE 1.3.1_07 Sun JRE 1.3.1_06 Sun JRE 1.3.1_05 Sun JRE 1.3.1_04 Sun JRE 1.3.1_03 Sun Jre 1.3.1 02 (not an official CPE) Sun Jre 1.3.1 01a (not an official CPE) Sun Jre 1.3.1 01 (not an official CPE) Sun Jdk 1.6.0 Update 9 (not an official CPE) Sun Jdk 1.6.0 Update 8 (not an official CPE) Sun JDK 1.6.0 Update 7 Sun JDK 1.6.0 Update 6 Sun JDK 1.6.0 Update 5 Sun JDK 1.6.0 Update 4 Sun JDK 1.6.0 Update 3 Sun JDK 1.6.0 Update 16 Sun JDK 1.6.0 Update 15 Sun JDK 1.6.0 Update 14 Sun JDK 1.6.0 Update 13 Sun JDK 1.6.0 Update 12 Sun JDK 1.6.0 Update 11 Sun JDK 1.6.0 Update 10 Sun Jdk 1.6.0 Update 1 (not an official CPE) Sun JDK 6 Update 2 Sun Jdk 1.5.0 Update 9 (not an official CPE) Sun Jdk 1.5.0 Update 8 (not an official CPE) Sun Jdk 1.5.0 Update 7 (not an official CPE) Sun Jdk 1.5.0 Update 6 (not an official CPE) Sun Jdk 1.5.0 Update 5 (not an official CPE) Sun Jdk 1.5.0 Update 4 (not an official CPE) Sun Jdk 1.5.0 Update 3 (not an official CPE) Sun Jdk 1.5.0 Update 21 (not an official CPE) Sun Jdk 1.5.0 Update 20 (not an official CPE) Sun Jdk 1.5.0 Update 2 (not an official CPE) Sun Jdk 1.5.0 Update 19 (not an official CPE) Sun Jdk 1.5.0 Update 18 (not an official CPE) Sun Jdk 1.5.0 Update 17 (not an official CPE) Sun Jdk 1.5.0 Update 16 (not an official CPE) Sun Jdk 1.5.0 Update 15 (not an official CPE) Sun Jdk 1.5.0 Update 14 (not an official CPE) Sun Jdk 1.5.0 Update 13 (not an official CPE) Sun Jdk 1.5.0 Update 12 (not an official CPE) Sun Jdk 1.5.0 Update 11 (not an official CPE) Sun Jdk 1.5.0 Update 10 (not an official CPE) Sun Jdk 1.5.0 Update 1 (not an official CPE) Sun SDK 1.4.2_20 Sun SDK 1.4.2_21 SDK 1.4.2_22