|
|
|
Vulnerability Note VU#388289Sun Microsystems Java GIF image processing buffer overflowOverviewA vulnerability in the Sun Java Runtime Environment may allow an attacker to execute arbitrary code on a vulnerable system.I. DescriptionThe Sun Java Runtime Environment (JRE) allows users to run Java applications in a browser or as standalone programs. Sun has made the JRE available for multiple operating systems. When a GIF image with a specified width of 0 is processed, the Sun JRE will overwrite memory contents, which can cause pointer corruption.Note that exploit code for this vulnerability is publicly available.
Per Sunsolve document 102760, this issue is addressed in
Disable Java Disable Java in your web browser, as specified in the Securing Your Web Browser document. Systems Affected
Referenceshttp://www.cert.org/tech_tips/securing_browser/ Thanks to ZDI for reporting this vulnerability, who in turn credit an anonymous researcher. This document was written by Will Dormann.
If you have feedback, comments, or additional information about this vulnerability, please send us
email. |
||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||