• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Sun Java Runtime Environment Font Processing Buffer Overflow Vulnerability

Sun Java Runtime Environment is prone to a buffer-overflow vulnerability when running untrusted applications or applets.

Successful exploits may allow attackers to read, write, or execute arbitrary local files in the context of the user running an untrusted application. This may result in a compromise of the underlying system.

This issue affects the following versions on Solaris, Windows, and Linux:

JDK and JRE 5.0 Update 9 and earlier
SDK and JRE 1.4.2_17 and earlier
SDK and JRE 1.3.1_22 and earlier