Oracle Java SE TTF Font Parsing Remote Code Execution Vulnerability

Oracle Java SE is prone to a remote code-execution vulnerability.

The vulnerability can be exploited over multiple protocols. This issue affects the '2D' sub-component.

An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

This vulnerability affects the following supported versions:
Java SE 5.0u55, Java SE 6u65, Java SE 7u45, JRockit R28.2.9, Java SE Embedded 7u45


Privacy Statement
Copyright 2010, SecurityFocus