Sun Java Runtime Environment Web Start JNLP File Stack Buffer Overflow Vulnerability

Bugtraq ID: 24832
Class: Boundary Condition Error
CVE: CVE-2007-3655
Remote: Yes
Local: No
Published: Jul 09 2007 12:00AM
Updated: Mar 19 2015 08:48AM
Credit: Daniel Soeder working with eEye Digital Security and Brett Moore of Security-Assessment.com are credited with the discovery of this vulnerability.
Vulnerable: SuSE SUSE Linux Enterprise Server 9
SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
SuSE SUSE Linux Enterprise Server 10 SP1
SuSE SUSE Linux Enterprise SDK 10.SP1
SuSE SUSE Linux Enterprise Desktop 10 SP1
Sun JRE (Linux Production Release) 1.5 _07
Sun JRE (Linux Production Release) 1.5 _06
Sun JRE (Linux Production Release) 1.5 _05
Sun JRE (Linux Production Release) 1.5 _04
Sun JRE (Linux Production Release) 1.5 _03
Sun JRE (Linux Production Release) 1.5 _02
Sun JRE (Linux Production Release) 1.5 _01
Sun JRE (Linux Production Release) 1.5
Sun JRE (Linux Production Release) 1.6.0_01
Sun JRE (Linux Production Release) 1.5.0_10
Sun JRE (Linux Production Release) 1.5.0_09
Sun JRE (Linux Production Release) 1.5.0_08
S.u.S.E. UnitedLinux 1.0
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. Open-Enterprise-Server 0
S.u.S.E. Novell Linux POS 9
RedHat Enterprise Linux Extras 4
Red Hat Enterprise Linux Supplementary 5 server
Red Hat Enterprise Linux Desktop Supplementary 5 client
Gentoo Linux
Gentoo dev-java/ibm-jre-bin 1.5.0.6
Gentoo dev-java/ibm-jre-bin 1.4.2.10
Gentoo dev-java/ibm-jdk-bin 1.5.0.6
Gentoo dev-java/ibm-jdk-bin 1.4.2.10
Apple Mac OS X Server 10.4.11
Apple Mac OS X Server 10.4.10
Apple Mac OS X 10.4.11
Apple Mac OS X 10.4.10
Not Vulnerable: Sun JRE (Linux Production Release) 1.6.0_02
Sun JRE (Linux Production Release) 1.5.0_12
Gentoo dev-java/ibm-jre-bin 1.5.0.7
Gentoo dev-java/ibm-jre-bin 1.4.2.11
Gentoo dev-java/ibm-jdk-bin 1.5.0.7
Gentoo dev-java/ibm-jdk-bin 1.4.2.11


 

Privacy Statement
Copyright 2010, SecurityFocus