Lucene search

K
cveMitreCVE-2007-2789
HistoryMay 22, 2007 - 12:30 a.m.

CVE-2007-2789

2007-05-2200:30:00
CWE-399
mitre
web.nvd.nist.gov
48
cve-2007-2789
sun java development kit
sun java runtime environment
image parser
jvm hang
denial of service
unix
linux
nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.2

Confidence

High

EPSS

0.01

Percentile

84.1%

The BMP image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_19 and earlier, when running on Unix/Linux systems, allows remote attackers to cause a denial of service (JVM hang) via untrusted applets or applications that open arbitrary local files via a crafted BMP file, such as /dev/tty.

Affected configurations

Nvd
Node
sunjdkMatch1.5.0-
OR
sunjdkMatch1.5.0update1
OR
sunjdkMatch1.5.0update10
OR
sunjdkMatch1.5.0update2
OR
sunjdkMatch1.5.0update3
OR
sunjdkMatch1.5.0update4
OR
sunjdkMatch1.5.0update5
OR
sunjdkMatch1.5.0update6
OR
sunjdkMatch1.5.0update7
OR
sunjdkMatch1.5.0update8
OR
sunjdkMatch1.5.0update9
OR
sunjdkMatch1.6.0-
Node
sunjreMatch1.3.1-
OR
sunjreMatch1.3.1_2
OR
sunjreMatch1.3.1_03
OR
sunjreMatch1.3.1_04
OR
sunjreMatch1.3.1_05
OR
sunjreMatch1.3.1_06
OR
sunjreMatch1.3.1_07
OR
sunjreMatch1.3.1_08
OR
sunjreMatch1.3.1_09
OR
sunjreMatch1.3.1_10
OR
sunjreMatch1.3.1_11
OR
sunjreMatch1.3.1_12
OR
sunjreMatch1.3.1_13
OR
sunjreMatch1.3.1_14
OR
sunjreMatch1.3.1_15
OR
sunjreMatch1.3.1_16
OR
sunjreMatch1.3.1_17
OR
sunjreMatch1.3.1_18
OR
sunjreMatch1.3.1_19
OR
sunjreMatch1.4.2-
OR
sunjreMatch1.4.2_1
OR
sunjreMatch1.4.2_2
OR
sunjreMatch1.4.2_3
OR
sunjreMatch1.4.2_4
OR
sunjreMatch1.4.2_5
OR
sunjreMatch1.4.2_6
OR
sunjreMatch1.4.2_7
OR
sunjreMatch1.4.2_8
OR
sunjreMatch1.4.2_9
OR
sunjreMatch1.4.2_10
OR
sunjreMatch1.4.2_11
OR
sunjreMatch1.4.2_12
OR
sunjreMatch1.4.2_13
OR
sunjreMatch1.4.2_14
OR
sunjreMatch1.5.0-
OR
sunjreMatch1.5.0update1
OR
sunjreMatch1.5.0update10
OR
sunjreMatch1.5.0update2
OR
sunjreMatch1.5.0update3
OR
sunjreMatch1.5.0update4
OR
sunjreMatch1.5.0update5
OR
sunjreMatch1.5.0update6
OR
sunjreMatch1.5.0update7
OR
sunjreMatch1.5.0update8
OR
sunjreMatch1.5.0update9
OR
sunjreMatch1.6.0-
Node
sunsdkMatch1.3.1
OR
sunsdkMatch1.3.1_01
OR
sunsdkMatch1.3.1_01a
OR
sunsdkMatch1.3.1_02
OR
sunsdkMatch1.3.1_03
OR
sunsdkMatch1.3.1_04
OR
sunsdkMatch1.3.1_05
OR
sunsdkMatch1.3.1_06
OR
sunsdkMatch1.3.1_07
OR
sunsdkMatch1.3.1_08
OR
sunsdkMatch1.3.1_09
OR
sunsdkMatch1.3.1_10
OR
sunsdkMatch1.3.1_11
OR
sunsdkMatch1.3.1_12
OR
sunsdkMatch1.3.1_13
OR
sunsdkMatch1.3.1_14
OR
sunsdkMatch1.3.1_15
OR
sunsdkMatch1.3.1_16
OR
sunsdkMatch1.3.1_17
OR
sunsdkMatch1.3.1_18
OR
sunsdkMatch1.3.1_19
OR
sunsdkMatch1.4.2
OR
sunsdkMatch1.4.2_1
OR
sunsdkMatch1.4.2_2
OR
sunsdkMatch1.4.2_3
OR
sunsdkMatch1.4.2_4
OR
sunsdkMatch1.4.2_5
OR
sunsdkMatch1.4.2_6
OR
sunsdkMatch1.4.2_7
OR
sunsdkMatch1.4.2_8
OR
sunsdkMatch1.4.2_9
OR
sunsdkMatch1.4.2_10
OR
sunsdkMatch1.4.2_11
OR
sunsdkMatch1.4.2_12
OR
sunsdkMatch1.4.2_13
OR
sunsdkMatch1.4.2_14
VendorProductVersionCPE
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:-:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*
Rows per page:
1-10 of 941

References

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.2

Confidence

High

EPSS

0.01

Percentile

84.1%