RETIRED: Sun Java Runtime Environment Image Parsing Buffer Overflow Vulnerability
BID:24267
Info
RETIRED: Sun Java Runtime Environment Image Parsing Buffer Overflow Vulnerability
| Bugtraq ID: | 24267 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 01 2007 12:00AM |
| Updated: | Jul 05 2007 06:07PM |
| Credit: | Chris Evans is credited with the discovery of this vulnerability. |
| Vulnerable: |
Sun SDK (Solaris Production Release) 1.4.2 _10 Sun SDK (Solaris Production Release) 1.4.2 _09 Sun SDK (Solaris Production Release) 1.4.2 _08 Sun SDK (Solaris Production Release) 1.4.2 _05 Sun SDK (Solaris Production Release) 1.4.2 _04 Sun SDK (Solaris Production Release) 1.4.2 _03 Sun SDK (Solaris Production Release) 1.4.2 Sun SDK (Solaris Production Release) 1.3.1 _15 Sun SDK (Solaris Production Release) 1.3.1 _14 Sun SDK (Solaris Production Release) 1.3.1 _13 Sun SDK (Solaris Production Release) 1.3.1 _12 Sun SDK (Solaris Production Release) 1.3.1 _11 Sun SDK (Solaris Production Release) 1.3.1 _10 Sun SDK (Solaris Production Release) 1.3.1 _09 Sun SDK (Solaris Production Release) 1.3.1 _08 Sun SDK (Solaris Production Release) 1.3.1 _07 Sun SDK (Solaris Production Release) 1.3.1 _06 Sun SDK (Solaris Production Release) 1.3.1 _05 Sun SDK (Solaris Production Release) 1.3.1 _03 Sun SDK (Solaris Production Release) 1.3.1 _02 Sun SDK (Solaris Production Release) 1.3.1 _01 Sun SDK (Solaris Production Release) 1.4.2_14 Sun SDK (Solaris Production Release) 1.4.2_13 Sun SDK (Solaris Production Release) 1.4.2_12 Sun SDK (Solaris Production Release) 1.4.2_11 Sun JRE (Linux Production Release) 1.5 _07 Sun JRE (Linux Production Release) 1.5 _05 Sun JRE (Linux Production Release) 1.5 _04 Sun JRE (Linux Production Release) 1.5 _03 Sun JRE (Linux Production Release) 1.5 _02 Sun JRE (Linux Production Release) 1.5 _01 Sun JRE (Linux Production Release) 1.5.0_10 Sun JRE (Linux Production Release) 1.5.0_09 Sun JRE (Linux Production Release) 1.3.1_20 Sun JDK (Windows Production Release) 1.5 .0_05 Sun JDK (Windows Production Release) 1.5 .0_04 Sun JDK (Windows Production Release) 1.5 .0_03 Sun JDK (Windows Production Release) 1.6.0_01-b06 Sun JDK (Windows Production Release) 1.5.0_11-b03 Sun JDK (Windows Production Release) 1.5.0_07-b03 Sun JDK (Windows Production Release) 1.5.0.0_09 Sun JDK (Windows Production Release) 1.5.0.0_08 Sun JDK (Windows Production Release) 1.5.0.0_06 Sun JDK (Windows Production Release) 1.3.1_20 Sun JDK (Linux Production Release) 1.5 _07 Sun JDK (Linux Production Release) 1.5 _06 Sun JDK (Linux Production Release) 1.5 .0_05 Sun JDK (Linux Production Release) 1.5 Sun JDK (Linux Production Release) 1.5.0.0_09 Sun JDK (Linux Production Release) 1.5.0.0_08 Sun JDK (Linux Production Release) 1.5.0.0_04 Sun JDK (Linux Production Release) 1.5.0.0_03 Sun Java 2 Runtime Environment 1.5 _06 Sun Java 2 Runtime Environment 1.5 |
| Not Vulnerable: |
Sun SDK (Windows Production Release) 1.4.2 _15 Sun SDK (Solaris Production Release) 1.4.2 _15 Sun SDK (Solaris Production Release) 1.3.1_20 Sun SDK (Linux Production Release) 1.4.2 _15 Sun JRE (Linux Production Release) 1.5.0_11 Sun JDK (Windows Production Release) 1.6.0_01 Sun JDK (Windows Production Release) 1.5.0.0_11 Sun JDK (Linux Production Release) 1.6 _01 Sun JDK (Linux Production Release) 1.5.0.0_11 Sun Java 2 Runtime Environment 1.6.0_01 |
Discussion
RETIRED: Sun Java Runtime Environment Image Parsing Buffer Overflow Vulnerability
The Sun Java Runtime Environment is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker can exploit this issue to execute arbitrary code in the context of a user who invokes a malicious Java applet.
This BID is being retired as a duplicate of the issues dicussed in BID 24004 (Sun JDK JPG/BMP Parser Multiple Vulnerabilities).
The Sun Java Runtime Environment is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker can exploit this issue to execute arbitrary code in the context of a user who invokes a malicious Java applet.
This BID is being retired as a duplicate of the issues dicussed in BID 24004 (Sun JDK JPG/BMP Parser Multiple Vulnerabilities).
Exploit / POC
RETIRED: Sun Java Runtime Environment Image Parsing Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
RETIRED: Sun Java Runtime Environment Image Parsing Buffer Overflow Vulnerability
Solution:
Sun has released Sun Alert Advisory 102934 with fixes to address these issues. Please see the references for more information.
Solution:
Sun has released Sun Alert Advisory 102934 with fixes to address these issues. Please see the references for more information.
References
RETIRED: Sun Java Runtime Environment Image Parsing Buffer Overflow Vulnerability
References:
References:
- Sun Java Homepage (Sun Microsystems)
- Sun Alert ID 102934: Security Vulnerabilities in the Java Runtime Environment Im (Sun Microsystems)
- Vulnerability Note VU#138545 - Java Runtime Environment Image Parsing Code buffe (US-CERT)