Sun Java Runtime Environment Web Start JNLP File Stack Buffer Overflow Vulnerability

Bugtraq ID: 24832
Class: Boundary Condition Error
CVE: CVE-2007-3655
Remote: Yes
Local: No
Published: Jul 09 2007 12:00AM
Updated: Jun 26 2008 12:21AM
Credit: Daniel Soeder working with eEye Digital Security and Brett Moore of Security-Assessment.com are credited with the discovery of this vulnerability.
Vulnerable: SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
SuSE SUSE Linux Enterprise Server 10 SP1
SuSE SUSE Linux Enterprise SDK 10.SP1
SuSE SUSE Linux Enterprise Desktop 10 SP1
Sun Java 2 Runtime Environment 6.0 Update 1
Sun Java 2 Runtime Environment 5.0.Update 9
Sun Java 2 Runtime Environment 5.0.Update 10
Sun Java 2 Runtime Environment 5.0 Update 8
Sun Java 2 Runtime Environment 5.0 Update 7
Sun Java 2 Runtime Environment 5.0 Update 6
Sun Java 2 Runtime Environment 5.0 Update 5
Sun Java 2 Runtime Environment 5.0 Update 4
Sun Java 2 Runtime Environment 5.0 Update 3
Sun Java 2 Runtime Environment 5.0 Update 2
Sun Java 2 Runtime Environment 5.0 Update 11
Sun Java 2 Runtime Environment 5.0 Update 1
S.u.S.E. UnitedLinux 1.0
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. Open-Enterprise-Server 0
S.u.S.E. Novell Linux POS 9
S.u.S.E. Linux Enterprise Server 9
RedHat Enterprise Linux Extras 4
Red Hat Enterprise Linux Supplementary 5 server
Red Hat Enterprise Linux Desktop Supplementary 5 client
Gentoo Linux
Gentoo dev-java/ibm-jre-bin 1.5.0.6
Gentoo dev-java/ibm-jre-bin 1.4.2.10
Gentoo dev-java/ibm-jdk-bin 1.5.0.6
Gentoo dev-java/ibm-jdk-bin 1.4.2.10
Apple Mac OS X Server 10.4.11
Apple Mac OS X Server 10.4.10
Apple Mac OS X 10.4.11
Apple Mac OS X 10.4.10
Not Vulnerable: Sun Java 2 Runtime Environment 6.0 Update 2
Sun Java 2 Runtime Environment 5.0.Update 12
Gentoo dev-java/ibm-jre-bin 1.5.0.7
Gentoo dev-java/ibm-jre-bin 1.4.2.11
Gentoo dev-java/ibm-jdk-bin 1.5.0.7
Gentoo dev-java/ibm-jdk-bin 1.4.2.11


 

Privacy Statement
Copyright 2010, SecurityFocus