6.8
CVE-2007-0243
- EPSS 10.99%
- Veröffentlicht 17.01.2007 22:28:00
- Zuletzt bearbeitet 16.06.2026 22:35:11
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Buffer overflow in Sun JDK and Java Runtime Environment (JRE) 5.0 Update 9 and earlier, SDK and JRE 1.4.2_12 and earlier, and SDK and JRE 1.3.1_18 and earlier allows applets to gain privileges via a GIF image with a block with a 0 width field, which triggers memory corruption.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 10.99% | 0.953 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://docs.info.apple.com/article.html?artnum=307177
http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html
http://secunia.com/advisories/28115
http://www.vupen.com/english/advisories/2007/4224
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00876579
http://secunia.com/advisories/24189
http://secunia.com/advisories/24468
http://secunia.com/advisories/25283
http://security.gentoo.org/glsa/glsa-200702-08.xml
http://www.us-cert.gov/cas/techalerts/TA07-022A.html
http://www.vupen.com/english/advisories/2007/0936
http://www.vupen.com/english/advisories/2007/1814
http://secunia.com/advisories/26049
http://secunia.com/advisories/26119
http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html
http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html
http://www.novell.com/linux/security/advisories/2007_45_java.html
http://dev2dev.bea.com/pub/advisory/242
http://osvdb.org/32834
http://secunia.com/advisories/23757
http://secunia.com/advisories/24202
http://secunia.com/advisories/24993
http://secunia.com/advisories/26645
http://secunia.com/advisories/27203
http://securityreason.com/securityalert/2158
http://securitytracker.com/id?1017520
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1
http://www.gentoo.org/security/en/glsa/glsa-200702-07.xml
http://www.kb.cert.org/vuls/id/388289
http://www.redhat.com/support/errata/RHSA-2007-0166.html
http://www.redhat.com/support/errata/RHSA-2007-0167.html
http://www.redhat.com/support/errata/RHSA-2007-0956.html
http://www.securityfocus.com/archive/1/457159/100/0/threaded
http://www.securityfocus.com/archive/1/457638/100/0/threaded
http://www.securityfocus.com/bid/22085
http://www.vupen.com/english/advisories/2007/0211
http://www.zerodayinitiative.com/advisories/ZDI-07-005.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/31537
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11073