6.8

CVE-2007-2788

Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SunJdk Version1.5.0 Update-
SunJdk Version1.5.0 Updateupdate1
SunJdk Version1.5.0 Updateupdate10
SunJdk Version1.5.0 Updateupdate2
SunJdk Version1.5.0 Updateupdate3
SunJdk Version1.5.0 Updateupdate4
SunJdk Version1.5.0 Updateupdate5
SunJdk Version1.5.0 Updateupdate6
SunJdk Version1.5.0 Updateupdate7
SunJdk Version1.5.0 Updateupdate8
SunJdk Version1.5.0 Updateupdate9
SunJdk Version1.6.0 Update-
SunJre Version1.3.1 Update-
SunJre Version1.3.1_2
SunJre Version1.3.1_03
SunJre Version1.3.1_04
SunJre Version1.3.1_05
SunJre Version1.3.1_06
SunJre Version1.3.1_07
SunJre Version1.3.1_08
SunJre Version1.3.1_09
SunJre Version1.3.1_10
SunJre Version1.3.1_11
SunJre Version1.3.1_12
SunJre Version1.3.1_13
SunJre Version1.3.1_14
SunJre Version1.3.1_15
SunJre Version1.3.1_16
SunJre Version1.3.1_17
SunJre Version1.3.1_18
SunJre Version1.3.1_19
SunJre Version1.3.1_20
SunJre Version1.4.2 Update-
SunJre Version1.4.2_1
SunJre Version1.4.2_2
SunJre Version1.4.2_3
SunJre Version1.4.2_4
SunJre Version1.4.2_5
SunJre Version1.4.2_6
SunJre Version1.4.2_7
SunJre Version1.4.2_8
SunJre Version1.4.2_9
SunJre Version1.4.2_10
SunJre Version1.4.2_11
SunJre Version1.4.2_12
SunJre Version1.4.2_13
SunJre Version1.4.2_14
SunJre Version1.5.0 Update-
SunJre Version1.5.0 Updateupdate1
SunJre Version1.5.0 Updateupdate10
SunJre Version1.5.0 Updateupdate2
SunJre Version1.5.0 Updateupdate3
SunJre Version1.5.0 Updateupdate4
SunJre Version1.5.0 Updateupdate5
SunJre Version1.5.0 Updateupdate6
SunJre Version1.5.0 Updateupdate7
SunJre Version1.5.0 Updateupdate8
SunJre Version1.5.0 Updateupdate9
SunJre Version1.6.0 Update-
SunSdk Version1.3.1
SunSdk Version1.3.1_01
SunSdk Version1.3.1_01a
SunSdk Version1.3.1_02
SunSdk Version1.3.1_03
SunSdk Version1.3.1_04
SunSdk Version1.3.1_05
SunSdk Version1.3.1_06
SunSdk Version1.3.1_07
SunSdk Version1.3.1_08
SunSdk Version1.3.1_09
SunSdk Version1.3.1_10
SunSdk Version1.3.1_11
SunSdk Version1.3.1_12
SunSdk Version1.3.1_13
SunSdk Version1.3.1_14
SunSdk Version1.3.1_15
SunSdk Version1.3.1_16
SunSdk Version1.3.1_17
SunSdk Version1.3.1_18
SunSdk Version1.3.1_19
SunSdk Version1.3.1_20
SunSdk Version1.4.2
SunSdk Version1.4.2_1
SunSdk Version1.4.2_2
SunSdk Version1.4.2_3
SunSdk Version1.4.2_4
SunSdk Version1.4.2_5
SunSdk Version1.4.2_6
SunSdk Version1.4.2_7
SunSdk Version1.4.2_8
SunSdk Version1.4.2_9
SunSdk Version1.4.2_10
SunSdk Version1.4.2_11
SunSdk Version1.4.2_12
SunSdk Version1.4.2_13
SunSdk Version1.4.2_14
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 18.19% 0.968
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.redhat.com/support/errata/RHSA-2008-0261.html
Third Party Advisory
http://lists.vmware.com/pipermail/security-announce/2008/000003.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/28365
Third Party Advisory
http://www.vupen.com/english/advisories/2008/0065
Permissions Required
http://docs.info.apple.com/article.html?artnum=307177
Broken Link
http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/28115
Third Party Advisory
http://www.vupen.com/english/advisories/2007/4224
Permissions Required
http://secunia.com/advisories/26049
Third Party Advisory
http://secunia.com/advisories/26119
Third Party Advisory
http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html
Third Party Advisory
http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html
Third Party Advisory
http://www.novell.com/linux/security/advisories/2007_45_java.html
Third Party Advisory
http://secunia.com/advisories/26645
Third Party Advisory
http://secunia.com/advisories/27203
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0956.html
Third Party Advisory
http://secunia.com/advisories/25474
Third Party Advisory
http://secunia.com/advisories/25832
Third Party Advisory
http://secunia.com/advisories/26311
Third Party Advisory
http://secunia.com/advisories/26369
Third Party Advisory
http://secunia.com/advisories/29858
Third Party Advisory
http://secunia.com/advisories/30780
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200706-08.xml
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200804-28.xml
Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml
Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml
Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0817.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0829.html
Third Party Advisory
http://dev2dev.bea.com/pub/advisory/248
Third Party Advisory
http://scary.beasts.org/security/CESA-2006-004.html
Third Party Advisory
http://secunia.com/advisories/25295
Patch
Third Party Advisory
http://secunia.com/advisories/26631
Third Party Advisory
http://secunia.com/advisories/26933
Third Party Advisory
http://secunia.com/advisories/27266
Third Party Advisory
http://secunia.com/advisories/28056
Third Party Advisory
http://secunia.com/advisories/29340
Third Party Advisory
http://secunia.com/advisories/30805
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102934-1
Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200856-1
Broken Link
http://www.attrition.org/pipermail/vim/2007-December/001862.html
Third Party Advisory
http://www.attrition.org/pipermail/vim/2007-July/001696.html
Third Party Advisory
http://www.attrition.org/pipermail/vim/2007-July/001697.html
Third Party Advisory
http://www.attrition.org/pipermail/vim/2007-July/001708.html
Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml
Third Party Advisory
http://www.kb.cert.org/vuls/id/138545
Third Party Advisory
US Government Resource
http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-1086.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0100.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0133.html
Third Party Advisory
http://www.securityfocus.com/bid/24004
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/24267
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1018182
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2007/1836
Permissions Required
http://www.vupen.com/english/advisories/2007/3009
Permissions Required
https://exchange.xforce.ibmcloud.com/vulnerabilities/34318
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/34652
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11700
Third Party Advisory