
41 matches found

Check Point Advisories
added 2014/03/31 12:0 a.m., 2 views

Oracle Java and JavaFX JPEGImageReader Memory Corruption - Ver2 (CVE-2013-2430)

A memory corruption vulnerability has been reported in Oracle Java and JavaFX. The vulnerability is due to improper safeguards against object manipulation. A remote attacker can exploit this vulnerability by enticing the target user to visit a specially crafted web page. Successful exploitation o...

CVSS 7.6 | AI score 9.2 | EPSS 0.07303 | Exploits 0

Check Point Advisories
added 2014/03/31 12:0 a.m., 3 views

Oracle Java and JavaFX JPEGImageReader Memory Corruption - Ver2 (CVE-2013-2430)

A memory corruption vulnerability has been reported in Oracle Java and JavaFX. The vulnerability is due to improper safeguards against object manipulation. A remote attacker can exploit this vulnerability by enticing the target user to visit a specially crafted web page. Successful exploitation o...

CVSS 7.6 | AI score 9.2 | EPSS 0.07303 | Exploits 0

RedHat Linux
added 2013/11/05 5:58 p.m., 5 views

OpenJDK: JPEGImageReader and JPEGImageWriter missing band size checks (2D, 8013510)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability tha...

CVSS 10 | AI score 6.8 | EPSS 0.10705 | Exploits 0 | References 5

RedHat Linux
added 2013/04/18 6:18 p.m., 2 views

OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; JavaFX 2.2.7 and earlier; and OpenJDK 6 and 7 allows remote attackers to affect confidentiality, integrity, and availability v...

CVSS 7.6 | AI score 6.7 | EPSS 0.07303 | Exploits 0 | References 4

NVD
added 2013/04/17 6:55 p.m., 15 views

CVE-2013-2430

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; JavaFX 2.2.7 and earlier; and OpenJDK 6 and 7 allows remote attackers to affect confidentiality, integrity, and availability v...

CVSS 7.6 | AI score 7.9 | EPSS 0.07303 | Exploits 0 | References 31

Prion
added 2013/04/17 6:55 p.m., 15 views

Code injection

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; JavaFX 2.2.7 and earlier; and OpenJDK 6 and 7 allows remote attackers to affect confidentiality, integrity, and availability v...

CVSS 7.6 | AI score 6 | EPSS 0.07303 | Exploits 0 | References 31 | Affected Software 3

CVE
added 2013/04/17 3:0 p.m., 345 views

CVE-2013-2430

CVE-2013-2430 is a Java Runtime Environment (JRE) vulnerability affecting confidentiality, integrity, and availability via unknown vectors related to ImageIO in Oracle Java SE 7u17 and earlier, 6u43 and earlier, 5.0u41 and earlier, JavaFX 2.2.7 and earlier, and OpenJDK 6/7. Connected advisories c...

CVSS 7.6 | AI score 8 | EPSS 0.07303 | Exploits 0 | References 31 | Affected Software 1

UbuntuCve
added 2013/04/17 12:0 a.m., 30 views

CVE-2013-2430

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; JavaFX 2.2.7 and earlier; and OpenJDK 6 and 7 allows remote attackers to affect confidentiality, integrity, and availability v...

CVSS 7.6 | AI score 6.8 | EPSS 0.07303 | Exploits 0 | References 4

Tenable Nessus
added 2011/08/16 12:0 a.m., 39 views

RHEL 5 : java-1.4.2-ibm (RHSA-2011:1159)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:1159 advisory. The IBM 1.4.2 SR13-FP10 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update...

CVSS 10 | AI score 8.2 | EPSS 0.12941 | Exploits 0 | References 18

Tenable Nessus
added 2011/07/15 12:0 a.m., 237 views

RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2011:0938)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0938 advisory. - Oracle/IBM JDK: unspecified vulnerabilities fixed in 6u26 Sound CVE-2011-0802, CVE-2011-0814 - OpenJDK: integer overflows in...

CVSS 10 | AI score 8.2 | EPSS 0.14991 | Exploits 0 | References 23

Tenable Nessus
added 2011/06/20 12:0 a.m., 45 views

Ubuntu 10.04 LTS / 10.10 / 11.04 : openjdk-6, openjdk-6b18 vulnerabilities (USN-1154-1)

It was discovered that a heap overflow in the AWT FileDialog.show method could allow an attacker to cause a denial of service through an application crash or possibly execute arbitrary code. CVE-2011-0815 It was discovered that integer overflows in the JPEGImageReader readImage function and the...

CVSS 10 | AI score 8.9 | EPSS 0.13091 | Exploits 0 | References 12

Ubuntu
added 2011/06/17 8:16 a.m., 77 views

USN-1154-1: OpenJDK 6 vulnerabilities

It was discovered that a heap overflow in the AWT FileDialog.show method could allow an attacker to cause a denial of service through an application crash or possibly execute arbitrary code. CVE-2011-0815 It was discovered that integer overflows in the JPEGImageReader readImage function and the...

CVSS 10 | AI score 9 | EPSS 0.13091 | Exploits 0

Zero Day Initiative
added 2010/04/05 12:0 a.m., 40 views

Sun Java Runtime Environment JPEGImageReader stepX Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the processing of JPEG image...

CVSS 10 | AI score 6.1 | EPSS 0.10009 | Exploits 0 | References 1

Prion
added 2010/04/01 4:30 p.m., 18 views

Integer overflow

Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CP...

CVSS 7.5 | AI score 7.7 | EPSS 0.10009 | Exploits 0 | References 33 | Affected Software 3

RedHat Linux
added 2010/04/01 2:56 a.m., 5 views

OpenJDK JPEGImageReader stepX Integer Overflow Vulnerability (6909597)

Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CP...

CVSS 7.5 | AI score 6.2 | EPSS 0.10009 | Exploits 0 | References 4

Prion
added 2009/11/05 4:30 p.m., 27 views

Integer overflow

Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file...

CVSS 9.3 | AI score 7.9 | EPSS 0.16847 | Exploits 1 | References 27 | Affected Software 3

NVD
added 2009/11/05 4:30 p.m., 13 views

CVE-2009-3874

Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file...

CVSS 9.3 | AI score 7.8 | EPSS 0.16847 | Exploits 1 | References 27

Cvelist
added 2009/11/05 4:0 p.m., 25 views

CVE-2009-3874

Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file...

AI score 7.7 | EPSS 0.16847 | Exploits 1 | References 27

CVE
added 2009/11/05 4:0 p.m., 108 views

CVE-2009-3874

CVE-2009-3874 is an integer overflow in JPEGImageReader of Java Image I/O that allows remote code execution via large JPEG subsample dimensions. Affected: Sun JDK/JRE 5.0 before Update 22, JDK/JRE 6 before Update 17, and SDK/JRE 1.4.x before 1.4.2_24. Remediation: upgrade to a version where the J...

CVSS 9.3 | AI score 7.8 | EPSS 0.16847 | Exploits 1 | References 27 | Affected Software 2

UbuntuCve
added 2009/11/05 12:0 a.m., 30 views

CVE-2009-3874

Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file...

CVSS 9.3 | AI score 6.4 | EPSS 0.16847 | Exploits 1 | References 4