6.8

CVE-2007-2788

EPSS 47.39%
Veröffentlicht 22.05.2007 00:30:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 61

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Sun ≫ Jdk Version1.5.0 Update-

Sun ≫ Jdk Version1.5.0 Updateupdate1

Sun ≫ Jdk Version1.5.0 Updateupdate10

Sun ≫ Jdk Version1.5.0 Updateupdate2

Sun ≫ Jdk Version1.5.0 Updateupdate3

Sun ≫ Jdk Version1.5.0 Updateupdate4

Sun ≫ Jdk Version1.5.0 Updateupdate5

Sun ≫ Jdk Version1.5.0 Updateupdate6

Sun ≫ Jdk Version1.5.0 Updateupdate7

Sun ≫ Jdk Version1.5.0 Updateupdate8

Sun ≫ Jdk Version1.5.0 Updateupdate9

Sun ≫ Jdk Version1.6.0 Update-

Sun ≫ Jre Version1.3.1 Update-

Sun ≫ Jre Version1.3.1_2

Sun ≫ Jre Version1.3.1_03

Sun ≫ Jre Version1.3.1_04

Sun ≫ Jre Version1.3.1_05

Sun ≫ Jre Version1.3.1_06

Sun ≫ Jre Version1.3.1_07

Sun ≫ Jre Version1.3.1_08

Sun ≫ Jre Version1.3.1_09

Sun ≫ Jre Version1.3.1_10

Sun ≫ Jre Version1.3.1_11

Sun ≫ Jre Version1.3.1_12

Sun ≫ Jre Version1.3.1_13

Sun ≫ Jre Version1.3.1_14

Sun ≫ Jre Version1.3.1_15

Sun ≫ Jre Version1.3.1_16

Sun ≫ Jre Version1.3.1_17

Sun ≫ Jre Version1.3.1_18

Sun ≫ Jre Version1.3.1_19

Sun ≫ Jre Version1.3.1_20

Sun ≫ Jre Version1.4.2 Update-

Sun ≫ Jre Version1.4.2_1

Sun ≫ Jre Version1.4.2_2

Sun ≫ Jre Version1.4.2_3

Sun ≫ Jre Version1.4.2_4

Sun ≫ Jre Version1.4.2_5

Sun ≫ Jre Version1.4.2_6

Sun ≫ Jre Version1.4.2_7

Sun ≫ Jre Version1.4.2_8

Sun ≫ Jre Version1.4.2_9

Sun ≫ Jre Version1.4.2_10

Sun ≫ Jre Version1.4.2_11

Sun ≫ Jre Version1.4.2_12

Sun ≫ Jre Version1.4.2_13

Sun ≫ Jre Version1.4.2_14

Sun ≫ Jre Version1.5.0 Update-

Sun ≫ Jre Version1.5.0 Updateupdate1

Sun ≫ Jre Version1.5.0 Updateupdate10

Sun ≫ Jre Version1.5.0 Updateupdate2

Sun ≫ Jre Version1.5.0 Updateupdate3

Sun ≫ Jre Version1.5.0 Updateupdate4

Sun ≫ Jre Version1.5.0 Updateupdate5

Sun ≫ Jre Version1.5.0 Updateupdate6

Sun ≫ Jre Version1.5.0 Updateupdate7

Sun ≫ Jre Version1.5.0 Updateupdate8

Sun ≫ Jre Version1.5.0 Updateupdate9

Sun ≫ Jre Version1.6.0 Update-

Sun ≫ Sdk Version1.3.1

Sun ≫ Sdk Version1.3.1_01

Sun ≫ Sdk Version1.3.1_01a

Sun ≫ Sdk Version1.3.1_02

Sun ≫ Sdk Version1.3.1_03

Sun ≫ Sdk Version1.3.1_04

Sun ≫ Sdk Version1.3.1_05

Sun ≫ Sdk Version1.3.1_06

Sun ≫ Sdk Version1.3.1_07

Sun ≫ Sdk Version1.3.1_08

Sun ≫ Sdk Version1.3.1_09

Sun ≫ Sdk Version1.3.1_10

Sun ≫ Sdk Version1.3.1_11

Sun ≫ Sdk Version1.3.1_12

Sun ≫ Sdk Version1.3.1_13

Sun ≫ Sdk Version1.3.1_14

Sun ≫ Sdk Version1.3.1_15

Sun ≫ Sdk Version1.3.1_16

Sun ≫ Sdk Version1.3.1_17

Sun ≫ Sdk Version1.3.1_18

Sun ≫ Sdk Version1.3.1_19

Sun ≫ Sdk Version1.3.1_20

Sun ≫ Sdk Version1.4.2

Sun ≫ Sdk Version1.4.2_1

Sun ≫ Sdk Version1.4.2_2

Sun ≫ Sdk Version1.4.2_3

Sun ≫ Sdk Version1.4.2_4

Sun ≫ Sdk Version1.4.2_5

Sun ≫ Sdk Version1.4.2_6

Sun ≫ Sdk Version1.4.2_7

Sun ≫ Sdk Version1.4.2_8

Sun ≫ Sdk Version1.4.2_9

Sun ≫ Sdk Version1.4.2_10

Sun ≫ Sdk Version1.4.2_11

Sun ≫ Sdk Version1.4.2_12

Sun ≫ Sdk Version1.4.2_13

Sun ≫ Sdk Version1.4.2_14

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	47.39%	0.976

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

http://www.redhat.com/support/errata/RHSA-2008-0261.html

Third Party Advisory

http://lists.vmware.com/pipermail/security-announce/2008/000003.html

Third Party Advisory

Mailing List

http://secunia.com/advisories/28365

Third Party Advisory

http://www.vupen.com/english/advisories/2008/0065

Permissions Required

http://docs.info.apple.com/article.html?artnum=307177

Broken Link

http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html

Third Party Advisory

Mailing List

http://secunia.com/advisories/28115

Third Party Advisory

http://www.vupen.com/english/advisories/2007/4224

Permissions Required

http://secunia.com/advisories/26049

Third Party Advisory

http://secunia.com/advisories/26119

Third Party Advisory

http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html

Third Party Advisory

http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html

Third Party Advisory

http://www.novell.com/linux/security/advisories/2007_45_java.html

Third Party Advisory

http://secunia.com/advisories/26645

Third Party Advisory

http://secunia.com/advisories/27203

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2007-0956.html

Third Party Advisory

http://secunia.com/advisories/25474

Third Party Advisory

http://secunia.com/advisories/25832

Third Party Advisory

http://secunia.com/advisories/26311

Third Party Advisory

http://secunia.com/advisories/26369

Third Party Advisory

http://secunia.com/advisories/29858

Third Party Advisory

http://secunia.com/advisories/30780

Third Party Advisory

http://security.gentoo.org/glsa/glsa-200706-08.xml

Third Party Advisory

http://security.gentoo.org/glsa/glsa-200804-28.xml

Third Party Advisory

http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml

Third Party Advisory

http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml

Third Party Advisory

http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2007-0817.html

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2007-0829.html

Third Party Advisory

http://dev2dev.bea.com/pub/advisory/248

Third Party Advisory

http://scary.beasts.org/security/CESA-2006-004.html

Third Party Advisory

http://secunia.com/advisories/25295

Patch

Third Party Advisory

http://secunia.com/advisories/26631

Third Party Advisory

http://secunia.com/advisories/26933

Third Party Advisory

http://secunia.com/advisories/27266

Third Party Advisory

http://secunia.com/advisories/28056

Third Party Advisory

http://secunia.com/advisories/29340

Third Party Advisory

http://secunia.com/advisories/30805

Third Party Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102934-1

Broken Link

http://sunsolve.sun.com/search/document.do?assetkey=1-66-200856-1

Broken Link

http://www.attrition.org/pipermail/vim/2007-December/001862.html

Third Party Advisory

http://www.attrition.org/pipermail/vim/2007-July/001696.html

Third Party Advisory

http://www.attrition.org/pipermail/vim/2007-July/001697.html

Third Party Advisory

http://www.attrition.org/pipermail/vim/2007-July/001708.html

Third Party Advisory

http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml

Third Party Advisory

http://www.kb.cert.org/vuls/id/138545

Third Party Advisory

US Government Resource

http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2007-1086.html

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2008-0100.html

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2008-0133.html

Third Party Advisory

http://www.securityfocus.com/bid/24004

Third Party Advisory

VDB Entry

http://www.securityfocus.com/bid/24267

Third Party Advisory

VDB Entry

http://www.securitytracker.com/id?1018182

Third Party Advisory

VDB Entry

http://www.vupen.com/english/advisories/2007/1836

Permissions Required

http://www.vupen.com/english/advisories/2007/3009

Permissions Required

https://exchange.xforce.ibmcloud.com/vulnerabilities/34318

Third Party Advisory

VDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/34652

Third Party Advisory

VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11700

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2007-2788

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-2788

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-2788

EUVD