Sun Java Runtime Environment Web Start JNLP File Stack Buffer Overflow Vulnerability

Sun Java Runtime Environment is prone to a stack-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely result in a denial-of-service condition.

This issue affects these versions:

Java Runtime Environment 6 update 1
Java Runtime Environment 5 update 11

Prior versions are also affected.


Privacy Statement
Copyright 2010, SecurityFocus