Sun Java Runtime Environment JPEG Image Handling Integer Overflow Vulnerability

Bugtraq ID: 35942
Class: Boundary Condition Error
CVE: CVE-2009-2674
CVE-2009-3403
Remote: Yes
Local: No
Published: Aug 03 2009 12:00AM
Updated: Apr 13 2015 10:13PM
Credit: An anonymous researcher
Vulnerable: Ubuntu Ubuntu Linux 9.04 sparc
Ubuntu Ubuntu Linux 9.04 powerpc
Ubuntu Ubuntu Linux 9.04 lpia
Ubuntu Ubuntu Linux 9.04 i386
Ubuntu Ubuntu Linux 9.04 amd64
Ubuntu Ubuntu Linux 8.10 sparc
Ubuntu Ubuntu Linux 8.10 powerpc
Ubuntu Ubuntu Linux 8.10 lpia
Ubuntu Ubuntu Linux 8.10 i386
Ubuntu Ubuntu Linux 8.10 amd64
SuSE SUSE Linux Enterprise Server 11 DEBUGINFO
SuSE SUSE Linux Enterprise Server 11
+ Linux kernel 2.6.5
SuSE Suse Linux Enterprise Desktop 11
SuSE SUSE Linux Enterprise 11
Sun OpenJDK 6 Build b12
Sun JRE (Linux Production Release) 1.6 _13
Sun JRE (Linux Production Release) 1.6 _12
Sun JRE (Linux Production Release) 1.6 _10
Sun JRE (Linux Production Release) 1.6 _07
Sun JRE (Linux Production Release) 1.6 _06
Sun JRE (Linux Production Release) 1.6 _05
Sun JRE (Linux Production Release) 1.6 _04
Sun JRE (Linux Production Release) 1.6.0_14
Sun JRE (Linux Production Release) 1.6.0_11
Sun JRE (Linux Production Release) 1.6.0_03
Sun JRE (Linux Production Release) 1.6.0_02
Sun JRE (Linux Production Release) 1.6.0_01
Sun JDK (Windows Production Release) 1.6.0_03
Sun JDK (Windows Production Release) 1.6.0_02
Sun JDK (Windows Production Release) 1.6.0_01-b06
Sun JDK (Windows Production Release) 1.6.0_01
Sun JDK (Solaris Production Release) 1.6.0_03
Sun JDK (Solaris Production Release) 1.6.0_02
Sun JDK (Solaris Production Release) 1.6.0_01
Sun JDK (Linux Production Release) 1.6 _14
Sun JDK (Linux Production Release) 1.6 _13
Sun JDK (Linux Production Release) 1.6 _11
Sun JDK (Linux Production Release) 1.6 _10
Sun JDK (Linux Production Release) 1.6 _07
Sun JDK (Linux Production Release) 1.6 _06
Sun JDK (Linux Production Release) 1.6 _05
Sun JDK (Linux Production Release) 1.6 _04
Sun JDK (Linux Production Release) 1.6
Sun JDK (Linux Production Release) 1.6.0_03
Sun JDK (Linux Production Release) 1.6.0_02
S.u.S.E. openSUSE 11.1
S.u.S.E. openSUSE 11.0
S.u.S.E. openSUSE 10.3
Redhat Network Satellite (for RHEL 5 Server) 5.3
Redhat Network Satellite (for RHEL 4 AS) 5.3
Redhat Enterprise Linux WS Extras 4
Redhat Enterprise Linux Supplementary EUS 5.3.z
Redhat Enterprise Linux Supplementary 5 server
Redhat Enterprise Linux Extras 4.8.z
Redhat Enterprise Linux Extras 4
Redhat Enterprise Linux EUS 5.3.z server
Redhat Enterprise Linux ES Extras 4
Redhat Enterprise Linux Desktop Supplementary 5 client
Redhat Enterprise Linux Desktop 5 client
Redhat Enterprise Linux AS Extras 4
Redhat Enterprise Linux 5 Server
Redhat Desktop Extras 4
Pardus Linux 2009 0
Oracle JRockit R27.6.4
Oracle JRockit R27.6.3
Oracle JRockit R27.6.2
Oracle JRockit R27.6.0
Oracle JRockit R27.1.0
Nortel Networks Self-Service WVADS 0
Nortel Networks Self-Service Speech Server 0
Nortel Networks Self-Service Peri Application 0
Nortel Networks Self-Service MPS 500 0
Nortel Networks Self-Service MPS 1000 0
Nortel Networks Self-Service CCXML 0
Nortel Networks Self Service VoiceXML 0
Nortel Networks Contact Center - CCT 0
Mandriva Linux Mandrake 2009.1 x86_64
Mandriva Linux Mandrake 2009.1
Mandriva Linux Mandrake 2009.0 x86_64
Mandriva Linux Mandrake 2009.0
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
IBM Java SE 6.0 SR5
HP HP-UX 11.23
HP HP-UX 11.11
HP HP-UX 11.31
Gentoo Linux
Apple Mac OS X Server 10.5.8
Apple Mac OS X Server 10.5.7
Apple Mac OS X Server 10.5.6
Apple Mac OS X Server 10.5.5
Apple Mac OS X Server 10.5.4
Apple Mac OS X Server 10.5.3
Apple Mac OS X Server 10.5.2
Apple Mac OS X Server 10.5.1
Apple Mac OS X Server 10.5
Apple Mac OS X 10.5.8
Apple Mac OS X 10.5.7
Apple Mac OS X 10.5.6
Apple Mac OS X 10.5.5
Apple Mac OS X 10.5.4
Apple Mac OS X 10.5.3
Apple Mac OS X 10.5.2
Apple Mac OS X 10.5.1
Apple Mac OS X 10.5
Not Vulnerable: Sun JRE (Linux Production Release) 1.6.0_15
Sun JDK (Windows Production Release) 1.6.0_15
Sun JDK (Solaris Production Release) 1.6.0_15
Sun JDK (Linux Production Release) 1.6.0_15


 

Privacy Statement
Copyright 2010, SecurityFocus