BEA JRockit Java Virtual Machine Unspecified Stack Buffer Overflow Vulnerability

BEA JRockit Java Virtual Machine Unspecified Stack Buffer Overflow Vulnerability

BEA JRockit is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.

Exploiting this issue allows attackers to execute arbitrary machine code in the context of users running the affected application. Failed attempts will likely crash the application, resulting in denial-of-service conditions.

BEA JRockit 1.4.2 R4.5 and prior versions are vulnerable to this issue. WebLogic server express and platform version 8.1 through service pack 5 are also vulnerable.