Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other
Informations
Name HPSBUX02503 SSRT100019 First vendor Publication 2010-02-08
Vendor HP Last vendor Modification 2010-02-08
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer

Original Source

Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01997760

CWE : Common Weakness Enumeration

% Id Name
56 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
22 % CWE-399 Resource Management Errors
11 % CWE-310 Cryptographic Issues
11 % CWE-189 Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10328
 
Oval ID: oval:org.mitre.oval:def:10328
Title: Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not properly decoded by the ASN.1 DER input stream parser, aka Bug Id 6864911.
Description: Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not properly decoded by the ASN.1 DER input stream parser, aka Bug Id 6864911.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3876
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10469
 
Oval ID: oval:org.mitre.oval:def:10469
Title: Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not properly parsed by the ASN.1 DER input stream parser, aka Bug Id 6864911.
Description: Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not properly parsed by the ASN.1 DER input stream parser, aka Bug Id 6864911.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3877
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10741
 
Oval ID: oval:org.mitre.oval:def:10741
Title: Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357.
Description: Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3869
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11262
 
Oval ID: oval:org.mitre.oval:def:11262
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3869
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11566
 
Oval ID: oval:org.mitre.oval:def:11566
Title: Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643.
Description: Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3874
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11715
 
Oval ID: oval:org.mitre.oval:def:11715
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3872
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11746
 
Oval ID: oval:org.mitre.oval:def:11746
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a "quantization problem," aka Bug Id 6862968.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3873
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11834
 
Oval ID: oval:org.mitre.oval:def:11834
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3868
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11847
 
Oval ID: oval:org.mitre.oval:def:11847
Title: The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to spoof HMAC-based digital signatures, and possibly bypass authentication, via unspecified vectors related to "timing attack vulnerabilities," aka Bug Id 6863503.
Description: The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to spoof HMAC-based digital signatures, and possibly bypass authentication, via unspecified vectors related to "timing attack vulnerabilities," aka Bug Id 6863503.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3875
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11903
 
Oval ID: oval:org.mitre.oval:def:11903
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3867
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11934
 
Oval ID: oval:org.mitre.oval:def:11934
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not properly decoded by the ASN.1 DER input stream parser, aka Bug Id 6864911.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3876
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12057
 
Oval ID: oval:org.mitre.oval:def:12057
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3874
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12112
 
Oval ID: oval:org.mitre.oval:def:12112
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to spoof HMAC-based digital signatures, and possibly bypass authentication, via unspecified vectors related to "timing attack vulnerabilities," aka Bug Id 6863503.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3875
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12134
 
Oval ID: oval:org.mitre.oval:def:12134
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3871
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12232
 
Oval ID: oval:org.mitre.oval:def:12232
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not properly parsed by the ASN.1 DER input stream parser, aka Bug Id 6864911.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3877
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22842
 
Oval ID: oval:org.mitre.oval:def:22842
Title: ELSA-2009:1647: java-1.5.0-ibm security update (Critical)
Description: Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not properly parsed by the ASN.1 DER input stream parser, aka Bug Id 6864911.
Family: unix Class: patch
Reference(s): ELSA-2009:1647-01
CVE-2009-3867
CVE-2009-3868
CVE-2009-3869
CVE-2009-3871
CVE-2009-3872
CVE-2009-3873
CVE-2009-3874
CVE-2009-3875
CVE-2009-3876
CVE-2009-3877
Version: 45
Platform(s): Oracle Linux 5
Product(s): java-1.5.0-ibm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22907
 
Oval ID: oval:org.mitre.oval:def:22907
Title: ELSA-2009:1694: java-1.6.0-ibm security update (Critical)
Description: Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not properly parsed by the ASN.1 DER input stream parser, aka Bug Id 6864911.
Family: unix Class: patch
Reference(s): ELSA-2009:1694-01
CVE-2009-0217
CVE-2009-3555
CVE-2009-3865
CVE-2009-3866
CVE-2009-3867
CVE-2009-3868
CVE-2009-3869
CVE-2009-3871
CVE-2009-3872
CVE-2009-3873
CVE-2009-3874
CVE-2009-3875
CVE-2009-3876
CVE-2009-3877
Version: 61
Platform(s): Oracle Linux 5
Product(s): java-1.6.0-ibm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22972
 
Oval ID: oval:org.mitre.oval:def:22972
Title: ELSA-2009:1643: java-1.4.2-ibm security update (Critical)
Description: Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not properly parsed by the ASN.1 DER input stream parser, aka Bug Id 6864911.
Family: unix Class: patch
Reference(s): ELSA-2009:1643-01
CVE-2009-3867
CVE-2009-3868
CVE-2009-3869
CVE-2009-3871
CVE-2009-3872
CVE-2009-3873
CVE-2009-3874
CVE-2009-3875
CVE-2009-3876
CVE-2009-3877
Version: 45
Platform(s): Oracle Linux 5
Product(s): java-1.4.2-ibm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6698
 
Oval ID: oval:org.mitre.oval:def:6698
Title: OpenJDK JRE AWT setBytePixels Heap Overflow Vulnerability
Description: Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3871
Version: 5
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6746
 
Oval ID: oval:org.mitre.oval:def:6746
Title: Sun Java Stack-based Buffer Overflow via a Long File: URL Argument
Description: Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3867
Version: 5
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6786
 
Oval ID: oval:org.mitre.oval:def:6786
Title: Sun Java Privilege Escalation via Crafted Image File Due Improper Color Profiles Parsing
Description: Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3868
Version: 5
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6805
 
Oval ID: oval:org.mitre.oval:def:6805
Title: OpenJDK ASN.1/DER Input Stream Parser Denial of Service via Crafted DER Encoded Data
Description: Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not properly decoded by the ASN.1 DER input stream parser, aka Bug Id 6864911.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3876
Version: 5
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6963
 
Oval ID: oval:org.mitre.oval:def:6963
Title: JRE JPEG JFIF Decoder Vulnerability
Description: Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3872
Version: 5
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6970
 
Oval ID: oval:org.mitre.oval:def:6970
Title: OpenJDK JPEG Image Writer quantization problem
Description: The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a "quantization problem," aka Bug Id 6862968.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3873
Version: 5
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7148
 
Oval ID: oval:org.mitre.oval:def:7148
Title: OpenJDK ASN.1/DER Input Stream Parser Denial of Service via Crafted HTTP Headers
Description: Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not properly parsed by the ASN.1 DER input stream parser, aka Bug Id 6864911.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3877
Version: 5
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7400
 
Oval ID: oval:org.mitre.oval:def:7400
Title: OpenJDK JRE AWT setDifflCM Stack Overflow Vulnerability
Description: Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3869
Version: 5
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7442
 
Oval ID: oval:org.mitre.oval:def:7442
Title: OpenJDK ImageI/O JPEG Heap Overflow Vulnerability
Description: Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3874
Version: 5
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7549
 
Oval ID: oval:org.mitre.oval:def:7549
Title: OpenJDK MessageDigest.isEqual Introduces Timing Attack Vulnerabilities
Description: The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to spoof HMAC-based digital signatures, and possibly bypass authentication, via unspecified vectors related to "timing attack vulnerabilities," aka Bug Id 6863503.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3875
Version: 5
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7750
 
Oval ID: oval:org.mitre.oval:def:7750
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3867
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7913
 
Oval ID: oval:org.mitre.oval:def:7913
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to spoof HMAC-based digital signatures, and possibly bypass authentication, via unspecified vectors related to "timing attack vulnerabilities," aka Bug Id 6863503.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3875
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8275
 
Oval ID: oval:org.mitre.oval:def:8275
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3871
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8330
 
Oval ID: oval:org.mitre.oval:def:8330
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not properly parsed by the ASN.1 DER input stream parser, aka Bug Id 6864911.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3877
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8396
 
Oval ID: oval:org.mitre.oval:def:8396
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a "quantization problem," aka Bug Id 6862968.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3873
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8475
 
Oval ID: oval:org.mitre.oval:def:8475
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3872
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8566
 
Oval ID: oval:org.mitre.oval:def:8566
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3869
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8603
 
Oval ID: oval:org.mitre.oval:def:8603
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3874
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8608
 
Oval ID: oval:org.mitre.oval:def:8608
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not properly decoded by the ASN.1 DER input stream parser, aka Bug Id 6864911.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3876
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8622
 
Oval ID: oval:org.mitre.oval:def:8622
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3868
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9360
 
Oval ID: oval:org.mitre.oval:def:9360
Title: Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358.
Description: Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3871
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9602
 
Oval ID: oval:org.mitre.oval:def:9602
Title: The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a "quantization problem," aka Bug Id 6862968.
Description: The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a "quantization problem," aka Bug Id 6862968.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3873
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 75
Application 136
Application 66

SAINT Exploits

Description Link
Java Runtime Environment HsbParser.getSoundBank Stack Buffer Overflow More info here
Java Runtime Environment AWT setDiffICM buffer overflow More info here

ExploitDB Exploits

id Description
2010-09-20 Sun Java JRE AWT setDiffICM Buffer Overflow
2010-09-20 Sun Java JRE getSoundbank file:// URI Buffer Overflow

OpenVAS Exploits

Date Description
2011-08-09 Name : CentOS Update for java CESA-2009:1584 centos5 i386
File : nvt/gb_CESA-2009_1584_java_centos5_i386.nasl
2010-05-28 Name : Java for Mac OS X 10.6 Update 1
File : nvt/macosx_java_for_10_6_upd_1.nasl
2010-05-28 Name : Java for Mac OS X 10.5 Update 6
File : nvt/macosx_java_for_10_5_upd_6.nasl
2010-04-30 Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2010:084 (java-1.6.0-openjdk)
File : nvt/gb_mandriva_MDVSA_2010_084.nasl
2010-03-02 Name : Mandriva Update for x11-driver-video-ati MDVA-2010:084 (x11-driver-video-ati)
File : nvt/gb_mandriva_MDVA_2010_084.nasl
2010-02-15 Name : HP-UX Update for Java HPSBUX02503
File : nvt/gb_hp_ux_HPSBUX02503.nasl
2009-12-30 Name : RedHat Security Advisory RHSA-2009:1694
File : nvt/RHSA_2009_1694.nasl
2009-12-14 Name : RedHat Security Advisory RHSA-2009:1643
File : nvt/RHSA_2009_1643.nasl
2009-12-14 Name : RedHat Security Advisory RHSA-2009:1647
File : nvt/RHSA_2009_1647.nasl
2009-11-23 Name : SuSE Security Advisory SUSE-SA:2009:058 (java-1_6_0-sun)
File : nvt/suse_sa_2009_058.nasl
2009-11-23 Name : CentOS Security Advisory CESA-2009:1584 (java-1.6.0-openjdk)
File : nvt/ovcesa2009_1584.nasl
2009-11-17 Name : Fedora Core 10 FEDORA-2009-11490 (java-1.6.0-openjdk)
File : nvt/fcore_2009_11490.nasl
2009-11-17 Name : Fedora Core 12 FEDORA-2009-11489 (java-1.6.0-openjdk)
File : nvt/fcore_2009_11489.nasl
2009-11-17 Name : Fedora Core 11 FEDORA-2009-11486 (java-1.6.0-openjdk)
File : nvt/fcore_2009_11486.nasl
2009-11-17 Name : RedHat Security Advisory RHSA-2009:1584
File : nvt/RHSA_2009_1584.nasl
2009-11-17 Name : RedHat Security Advisory RHSA-2009:1571
File : nvt/RHSA_2009_1571.nasl
2009-11-13 Name : Sun Java JDK/JRE Multiple Vulnerabilities - Nov09 (Linux)
File : nvt/gb_sun_java_jre_mult_vuln_nov09_lin.nasl
2009-11-13 Name : Sun Java JDK/JRE Multiple Vulnerabilities - Nov09 (Win)
File : nvt/gb_sun_java_jre_mult_vuln_nov09_win.nasl
2009-11-11 Name : RedHat Security Advisory RHSA-2009:1560
File : nvt/RHSA_2009_1560.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
59714 Sun Java JDK / JRE JPEG Image Writer Unspecified Overflow (6862968)

59713 Sun Java JDK / JRE JPEG JFIF Decoder Unspecified Overflow (6862969)

59712 Sun Java JDK / JRE Color Profile Handling Unspecified Overflow (6862970)

59711 Sun Java JDK / JRE HsbParser.getSoundBank Function file:// URI Parsing Overflow

59710 Sun Java JDK / JRE AWT setDifflCM Library Function Overflow

59709 Sun Java JDK / JRE AWT setBytePixels Library Function Overflow

59708 Sun Java JDK / JRE JPEGImageReader Subsample Dimension Handling Overflow

59707 Sun Java JDK / JRE MessageDigest.isEqual Function HMAC Digest Signature Forge...

59706 Sun Java JDK / JRE HTTP Header Parsing Unspecified Memory Exhaustion DoS

59705 Sun Java JDK / JRE DER Encoded Data Decoding Unspecified Memory Exhaustion DoS

Snort® IPS/IDS

Date Description
2014-01-10 Phoenix exploit kit post-compromise behavior
RuleID : 21860 - Revision : 5 - Type : MALWARE-CNC
2014-01-10 Phoenix exploit kit landing page
RuleID : 21640 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10 Oracle Java getSoundBank overflow Attempt malicious jar file
RuleID : 20858 - Revision : 8 - Type : FILE-JAVA
2014-01-10 Oracle Java runtime JPEGImageReader overflow attempt
RuleID : 20055 - Revision : 11 - Type : FILE-JAVA
2014-01-10 Oracle Java Runtime AWT setDiffICM stack buffer overflow attempt
RuleID : 19926 - Revision : 10 - Type : FILE-JAVA
2014-01-10 Oracle Java HsbParser.getSoundBank stack buffer overflow attempt
RuleID : 17776 - Revision : 11 - Type : FILE-JAVA
2014-01-10 Oracle Java Runtime AWT setDiffICM stack buffer overflow attempt
RuleID : 16288 - Revision : 11 - Type : FILE-JAVA

Nessus® Vulnerability Scanner

Date Description
2016-03-08 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0002_remote.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1584.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1584.nasl - Type : ACT_GATHER_INFO
2013-02-22 Name : The remote Unix host contains a runtime environment that is affected by multi...
File : sun_java_jre_269868_unix.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091109_java__jdk_1_6_0__on_SL4_x.nasl - Type : ACT_GATHER_INFO
2011-04-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1662.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_5_0-ibm-6741.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_4_2-ibm-6755.nasl - Type : ACT_GATHER_INFO
2010-04-29 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-084.nasl - Type : ACT_GATHER_INFO
2010-03-31 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0002.nasl - Type : ACT_GATHER_INFO
2010-01-15 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0043.nasl - Type : ACT_GATHER_INFO
2010-01-13 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_6_0-ibm-100105.nasl - Type : ACT_GATHER_INFO
2010-01-12 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_4_2-ibm-6757.nasl - Type : ACT_GATHER_INFO
2010-01-12 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_4_2-ibm-100105.nasl - Type : ACT_GATHER_INFO
2010-01-12 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12565.nasl - Type : ACT_GATHER_INFO
2010-01-08 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_5_0-ibm-6740.nasl - Type : ACT_GATHER_INFO
2009-12-27 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12564.nasl - Type : ACT_GATHER_INFO
2009-12-27 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1694.nasl - Type : ACT_GATHER_INFO
2009-12-09 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1647.nasl - Type : ACT_GATHER_INFO
2009-12-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1643.nasl - Type : ACT_GATHER_INFO
2009-12-04 Name : The remote host has a version of Java that is affected by multiple vulnerabil...
File : macosx_java_10_5_update6.nasl - Type : ACT_GATHER_INFO
2009-12-04 Name : The remote host has a version of Java that is affected by multiple vulnerabil...
File : macosx_java_10_6_update1.nasl - Type : ACT_GATHER_INFO
2009-11-30 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_java-1_6_0-openjdk-091125.nasl - Type : ACT_GATHER_INFO
2009-11-30 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_java-1_6_0-openjdk-091125.nasl - Type : ACT_GATHER_INFO
2009-11-30 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_java-1_6_0-openjdk-091127.nasl - Type : ACT_GATHER_INFO
2009-11-19 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_java-1_6_0-sun-091113.nasl - Type : ACT_GATHER_INFO
2009-11-19 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_java-1_6_0-sun-091113.nasl - Type : ACT_GATHER_INFO
2009-11-19 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_java-1_6_0-sun-091113.nasl - Type : ACT_GATHER_INFO
2009-11-19 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_6_0-sun-091113.nasl - Type : ACT_GATHER_INFO
2009-11-18 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200911-02.nasl - Type : ACT_GATHER_INFO
2009-11-17 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1584.nasl - Type : ACT_GATHER_INFO
2009-11-16 Name : The remote Fedora host is missing a security update.
File : fedora_2009-11489.nasl - Type : ACT_GATHER_INFO
2009-11-16 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-859-1.nasl - Type : ACT_GATHER_INFO
2009-11-16 Name : The remote Fedora host is missing a security update.
File : fedora_2009-11490.nasl - Type : ACT_GATHER_INFO
2009-11-16 Name : The remote Fedora host is missing a security update.
File : fedora_2009-11486.nasl - Type : ACT_GATHER_INFO
2009-11-11 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1571.nasl - Type : ACT_GATHER_INFO
2009-11-11 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_java-1_5_0-sun-091109.nasl - Type : ACT_GATHER_INFO
2009-11-11 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_java-1_5_0-sun-091109.nasl - Type : ACT_GATHER_INFO
2009-11-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1560.nasl - Type : ACT_GATHER_INFO
2009-11-04 Name : The remote Windows host contains a runtime environment that is affected by mu...
File : sun_java_jre_269868.nasl - Type : ACT_GATHER_INFO