Sun Java JRE GIF Image Processing Buffer Overflow Vulnerability

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • zodehala
    Senior Member
    • Aug 2005
    • 419
    • 3.5.x

    Sun Java JRE GIF Image Processing Buffer Overflow Vulnerability

    Secunia Advisory: SA23757
    Release Date: 2007-01-17
    Last Update: 2007-01-18

    Critical: Highly critical
    Impact: System access
    Where: From remote
    Solution Status: Vendor Patch

    Description:
    A vulnerability has been reported in Sun Java Runtime Environment (JRE), which can be exploited by malicious people to compromise a vulnerable system.

    The vulnerability is caused due to an error when processing GIF images and can be exploited to cause a heap-based buffer overflow via a specially crafted GIF image with an image width of 0.

    Successful exploitation allows execution of arbitrary code.

    The vulnerability is reported in the following versions:
    * JDK and JRE 5.0 Update 9 and prior.
    * SDK and JRE 1.4.2_12 and prior.
    * SDK and JRE 1.3.1_18 and prior.


    Provided and/or discovered by:
    Discovered by an anonymous person and reported via ZDI.

    Changelog:
    2007-01-18: Added CVE reference and link to US-CERT.

    Original Advisory:

    Sun Microsystems:


    ZDI:
    Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability


    Other References:
    US-CERT VU#388289:
  • Simetrical
    Senior Member
    • Jul 2005
    • 1401
    • 3.8.x

    #2
    How is this relevant to vB? It doesn't allow Java by default, and allowing arbitrary Java is typically a fairly significant privacy/security risk anyway (although it usually can't install viruses without exploits such as this).
    System Administrator, Total War Center

    Developer, MediaWiki

    Comment

    • Wayne Luke
      vBulletin Technical Support Lead
      • Aug 2000
      • 73976

      #3
      Moved because this has no relevance to vBulletin as it doesn't utilize Sun's Java Environment at all.
      Translations provided by Google.

      Wayne Luke
      The Rabid Badger - a vBulletin Cloud demonstration site.
      vBulletin 5 API

      Comment

      widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
      Working...