[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96078

 
 

909

 
 

78009

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2007-2788

Date: (C)2007-05-21   (M)2017-10-12
 
CVSS Score: 6.8Access Vector: NETWORK
Exploitability Subscore: 8.6Access Complexity: MEDIUM
Impact Subscore: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL











Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow.

Reference:
SECTRACK-1018182
SUNALERT-102934
http://www.attrition.org/pipermail/vim/2007-July/001696.html
http://www.attrition.org/pipermail/vim/2007-July/001697.html
http://www.attrition.org/pipermail/vim/2007-July/001708.html
http://www.attrition.org/pipermail/vim/2007-December/001862.html
SUNALERT-200856
BID-24004
BID-24267
SECUNIA-25295
SECUNIA-25474
SECUNIA-25832
SECUNIA-26049
SECUNIA-26119
SECUNIA-26311
SECUNIA-26369
SECUNIA-26631
SECUNIA-26645
SECUNIA-26933
SECUNIA-27203
SECUNIA-27266
SECUNIA-28056
SECUNIA-28115
SECUNIA-28365
SECUNIA-29340
SECUNIA-29858
SECUNIA-30780
SECUNIA-30805
ADV-2007-1836
ADV-2007-3009
ADV-2007-4224
ADV-2008-0065
APPLE-SA-2007-12-14
BEA07-177.00
GLSA-200705-23
GLSA-200706-08
GLSA-200709-15
GLSA-200804-20
GLSA-200804-28
GLSA-200806-11
RHSA-2007:0817
RHSA-2007:0829
RHSA-2007:0956
RHSA-2007:1086
RHSA-2008:0100
RHSA-2008:0133
RHSA-2008:0261
SUSE-SA:2007:045
SUSE-SA:2007:056
VU#138545
http://lists.vmware.com/pipermail/security-announce/2008/000003.html
http://docs.info.apple.com/article.html?artnum=307177
http://scary.beasts.org/security/CESA-2006-004.html
http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html
http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html
sun-java-image-bo(34652)
sunjava-iccprofile-overflow(34318)

CPE    10
cpe:/a:sun:jre:1.5.0:update10
cpe:/a:sun:jre:1.4.2:update14
cpe:/a:sun:jdk:1.6.0:update1_b06
cpe:/a:sun:jdk:1.4.2:update14
...
CWE    1
CWE-189

© 2013 SecPod Technologies