Lucene search

K
nvd[email protected]NVD:CVE-2007-2788
HistoryMay 22, 2007 - 12:30 a.m.

CVE-2007-2788

2007-05-2200:30:00
CWE-189
web.nvd.nist.gov
8

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

Low

EPSS

0.601

Percentile

97.9%

Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow.

Affected configurations

Nvd
Node
sunjdkMatch1.5.0-
OR
sunjdkMatch1.5.0update1
OR
sunjdkMatch1.5.0update10
OR
sunjdkMatch1.5.0update2
OR
sunjdkMatch1.5.0update3
OR
sunjdkMatch1.5.0update4
OR
sunjdkMatch1.5.0update5
OR
sunjdkMatch1.5.0update6
OR
sunjdkMatch1.5.0update7
OR
sunjdkMatch1.5.0update8
OR
sunjdkMatch1.5.0update9
OR
sunjdkMatch1.6.0-
Node
sunjreMatch1.3.1-
OR
sunjreMatch1.3.1_2
OR
sunjreMatch1.3.1_03
OR
sunjreMatch1.3.1_04
OR
sunjreMatch1.3.1_05
OR
sunjreMatch1.3.1_06
OR
sunjreMatch1.3.1_07
OR
sunjreMatch1.3.1_08
OR
sunjreMatch1.3.1_09
OR
sunjreMatch1.3.1_10
OR
sunjreMatch1.3.1_11
OR
sunjreMatch1.3.1_12
OR
sunjreMatch1.3.1_13
OR
sunjreMatch1.3.1_14
OR
sunjreMatch1.3.1_15
OR
sunjreMatch1.3.1_16
OR
sunjreMatch1.3.1_17
OR
sunjreMatch1.3.1_18
OR
sunjreMatch1.3.1_19
OR
sunjreMatch1.3.1_20
OR
sunjreMatch1.4.2-
OR
sunjreMatch1.4.2_1
OR
sunjreMatch1.4.2_2
OR
sunjreMatch1.4.2_3
OR
sunjreMatch1.4.2_4
OR
sunjreMatch1.4.2_5
OR
sunjreMatch1.4.2_6
OR
sunjreMatch1.4.2_7
OR
sunjreMatch1.4.2_8
OR
sunjreMatch1.4.2_9
OR
sunjreMatch1.4.2_10
OR
sunjreMatch1.4.2_11
OR
sunjreMatch1.4.2_12
OR
sunjreMatch1.4.2_13
OR
sunjreMatch1.4.2_14
OR
sunjreMatch1.5.0-
OR
sunjreMatch1.5.0update1
OR
sunjreMatch1.5.0update10
OR
sunjreMatch1.5.0update2
OR
sunjreMatch1.5.0update3
OR
sunjreMatch1.5.0update4
OR
sunjreMatch1.5.0update5
OR
sunjreMatch1.5.0update6
OR
sunjreMatch1.5.0update7
OR
sunjreMatch1.5.0update8
OR
sunjreMatch1.5.0update9
OR
sunjreMatch1.6.0-
Node
sunsdkMatch1.3.1
OR
sunsdkMatch1.3.1_01
OR
sunsdkMatch1.3.1_01a
OR
sunsdkMatch1.3.1_02
OR
sunsdkMatch1.3.1_03
OR
sunsdkMatch1.3.1_04
OR
sunsdkMatch1.3.1_05
OR
sunsdkMatch1.3.1_06
OR
sunsdkMatch1.3.1_07
OR
sunsdkMatch1.3.1_08
OR
sunsdkMatch1.3.1_09
OR
sunsdkMatch1.3.1_10
OR
sunsdkMatch1.3.1_11
OR
sunsdkMatch1.3.1_12
OR
sunsdkMatch1.3.1_13
OR
sunsdkMatch1.3.1_14
OR
sunsdkMatch1.3.1_15
OR
sunsdkMatch1.3.1_16
OR
sunsdkMatch1.3.1_17
OR
sunsdkMatch1.3.1_18
OR
sunsdkMatch1.3.1_19
OR
sunsdkMatch1.3.1_20
OR
sunsdkMatch1.4.2
OR
sunsdkMatch1.4.2_1
OR
sunsdkMatch1.4.2_2
OR
sunsdkMatch1.4.2_3
OR
sunsdkMatch1.4.2_4
OR
sunsdkMatch1.4.2_5
OR
sunsdkMatch1.4.2_6
OR
sunsdkMatch1.4.2_7
OR
sunsdkMatch1.4.2_8
OR
sunsdkMatch1.4.2_9
OR
sunsdkMatch1.4.2_10
OR
sunsdkMatch1.4.2_11
OR
sunsdkMatch1.4.2_12
OR
sunsdkMatch1.4.2_13
OR
sunsdkMatch1.4.2_14
VendorProductVersionCPE
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:-:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*
Rows per page:
1-10 of 961

References

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

Low

EPSS

0.601

Percentile

97.9%