Definition


New Search

Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06 and Sun Java Runtime Environment in JDK and JRE 6 JDK and JRE 5.0 Update 10 and earlier SDK and JRE 1.4.2_14 and earlier and SDK and JRE 1.3.1_20 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow.

oval:org.mitre.oval:def:11700

Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06 and Sun Java Runtime Environment in JDK and JRE 6 JDK and JRE 5.0 Update 10 and earlier SDK and JRE 1.4.2_14 and earlier and SDK and JRE 1.3.1_20 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux Extras 3
  • Red Hat Enterprise Linux Extras 5
  • Red Hat Enterprise Linux Extras 4
Class:
vulnerability
Reference(s):
  • CVE-2007-2788
Product(s):