Definition
New Search
Integer and Buffer Overflow Vulnerabilities in the Java Runtime Environment (JRE) "unpack200" JAR Unpacking Utility May Lead to Escalation of Privileges
oval:org.mitre.oval:def:6659
Buffer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier and 6 Update 12 and earlier allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers.
Family:
unix
Status:
ACCEPTED
Platform(s):
- VMWare ESX Server 4.0
- VMWare ESX Server 3.5
Class:
vulnerability
Reference(s):
- CVE-2009-1096
Product(s):