Computer Security

CVE-2007-0243
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



CVECVE-2007-0243
StatusCandidate
DescriptionBuffer overflow in Sun JDK and Java Runtime Environment (JRE) 5.0 Update 9 and earlier, SDK and JRE 1.4.2_12 and earlier, and SDK and JRE 1.3.1_18 and earlier allows applets to gain privileges via a GIF image with a block with a 0 width field, which triggers memory corruption.
SeverityHigh
CVSS score8
CVSS vector(AV:R/AC:H/Au:NR/C:C/I:C/A:C/B:N)
PhaseAssigned (16.01.2007)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0243
ReferencesBEA : BEA07-172.00
 BID : 22085
 BUGTRAQ : 20070117 ZDI-07-005: Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability
 BUGTRAQ : 20070121 Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability Prove Of Concept Exploit
 CERT-VN : VU#388289
 CONFIRM : http://support.novell.com/techcenter/psdb/4f850d1e...
 CONFIRM : http://support.novell.com/techcenter/psdb/d2f549cc...
 FRSIRT : ADV-2007-0211
 FRSIRT : ADV-2007-0936
 FRSIRT : ADV-2007-1814
 GENTOO : GLSA-200702-07
 GENTOO : GLSA-200702-08
 HP : HPSBUX02196
 HP : SSRT071318
 MISC : http://www.zerodayinitiative.com/advisories/ZDI-07...
 REDHAT : RHSA-2007:0166
 REDHAT : RHSA-2007:0167
 SECTRACK : 1017520
 SECUNIA : 23757
 SECUNIA : 24189
 SECUNIA : 24202
 SECUNIA : 24468
 SECUNIA : 24993
 SECUNIA : 25283
 SECUNIA : 26049
 SUNALERT : 102760
 XF : jre-gif-bo(31537)
SecurityVulns:Sun Java memory corruption
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server