Announcement

Collapse
No announcement yet.

Sun Java JRE GIF Image Processing Buffer Overflow Vulnerability

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Sun Java JRE GIF Image Processing Buffer Overflow Vulnerability

    Secunia Advisory: SA23757
    Release Date: 2007-01-17
    Last Update: 2007-01-18

    Critical: Highly critical
    Impact: System access
    Where: From remote
    Solution Status: Vendor Patch

    Description:
    A vulnerability has been reported in Sun Java Runtime Environment (JRE), which can be exploited by malicious people to compromise a vulnerable system.

    The vulnerability is caused due to an error when processing GIF images and can be exploited to cause a heap-based buffer overflow via a specially crafted GIF image with an image width of 0.

    Successful exploitation allows execution of arbitrary code.

    The vulnerability is reported in the following versions:
    * JDK and JRE 5.0 Update 9 and prior.
    * SDK and JRE 1.4.2_12 and prior.
    * SDK and JRE 1.3.1_18 and prior.


    Provided and/or discovered by:
    Discovered by an anonymous person and reported via ZDI.

    Changelog:
    2007-01-18: Added CVE reference and link to US-CERT.

    Original Advisory:

    Sun Microsystems:
    http://sunsolve.sun.com/search/docum...=1-26-102760-1

    ZDI:
    http://www.zerodayinitiative.com/adv...DI-07-005.html

    Other References:
    US-CERT VU#388289:
    http://www.kb.cert.org/vuls/id/388289

  • #2
    How is this relevant to vB? It doesn't allow Java by default, and allowing arbitrary Java is typically a fairly significant privacy/security risk anyway (although it usually can't install viruses without exploits such as this).
    System Administrator, Total War Center

    Developer, MediaWiki

    Comment


    • #3
      Moved because this has no relevance to vBulletin as it doesn't utilize Sun's Java Environment at all.
      Translations provided by Google.

      Wayne Luke
      The Rabid Badger - a vBulletin Cloud customization and demonstration site.
      vBulletin 5 Documentation - Updated every Friday. Report issues here.
      vBulletin 5 API - Full / Mobile
      I am not currently available for vB Messenger Chats.

      Comment

      widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
      Working...
      X