Oracle Java SE and Java for Business CVE-2010-3571 ICC Profile Vulnerability

Oracle Java SE and Java for Business are prone to a remote vulnerability in the color profile parser.

The vulnerability can be exploited by a malicious Web page via a malformed ICC profile. A successful exploit will let the attacker execute arbitrary code with the privileges of the currently logged in user.

This vulnerability affects the following supported versions:
6 Update 21, 5.0 Update 25, 1.4.2_27, 1.3.1_28


 

Privacy Statement
Copyright 2010, SecurityFocus