CVSS: 10.0EPSS: 3%CPEs: 61EXPL: 0CVE-2009-2675 – Sun Java Pack200 Decoding Inner Class Count Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2009-2675
Integer overflow in the unpack200 utility in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to a heap-based buffer overflow during decompression. Un desbordamiento de enteros en la utilidad unpack200 en Sun Java Runtime Environment (JRE) en JDK y JRE versión 6 anterior a Update 15, y JDK y JRE versión 5.0 anterior a Update 20, permite a los atacantes dependiendo del contexto alcanzar privilegios por medio de campos de longitud no especificados en el encabezado de un archivo JAR comprimido de Pack200-, que conlleva a un desbordamiento del búfer en la región heap de la memoria durante la descompresión. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Sun Java Runtime. User interaction is required in that a target must visit a malicious web page or open a malicious JNLP file. The specific flaw exists within the code responsible for handling Pack200 compressed JAR files. During decompression, several fields within a Pack200 header are trusted and used to calculate sizes for heap buffer allocations. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=814 http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html http://marc.info/?l=bugtraq&m=125787273209737&w=2 http://secunia.com/advisories/36162 http://secunia.com/advisories/36176 http: • CWE-190: Integer Overflow or Wraparound CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 84%CPEs: 61EXPL: 0CVE-2009-1095 – OpenJDK Pack200 Buffer overflow vulnerability (6792554)
https://notcve.org/view.php?id=CVE-2009-1095
Integer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers. Desbordamiento de entero en unpack200 en Java SE Development Kit (JDK) y Java Runtime Environment (JRE) v5.0 Update 17 y anteriores, y v6 Update 12 y anteriores, permite a atacantes remotos acceder a ficheros y ejecutar código de su elección a través de un archivo JAR con cabeceras Pack200 manipuladas. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=781 http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html http://marc.info/?l=bugtraq&m=124344236 • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 2%CPEs: 153EXPL: 0CVE-2009-1094 – OpenJDK LDAP client remote code execution (6737315)
https://notcve.org/view.php?id=CVE-2009-1094
Unspecified vulnerability in the LDAP implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier allows remote LDAP servers to execute arbitrary code via unknown vectors related to serialized data. Vulnerabilidad no especificada en la implementación LDAP de Java SE Development Kit (JDK) y Java Runtime Environment (JRE) v5.0 Update 17 y anteriores, v6 Update 12 y anteriores, SDK y JRE v1.3.1_24 y anteriores, y v1.4.2_19 y anteriores; permite a servidores LDAP remotos ejecutar código de su elección a través de vectores desconocidos relacionados con los datos en serie. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133 http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html http://marc.info/?l=bugtraq&m=124344236532162&w=2 http://secunia.com/advisories/34489 http://secunia.co •
CVSS: 10.0EPSS: 42%CPEs: 61EXPL: 0CVE-2009-1096 – OpenJDK Pack200 Buffer overflow vulnerability (6792554)
https://notcve.org/view.php?id=CVE-2009-1096
Buffer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers. Desbordamiento de búfer en unpack200 en Java SE Development Kit (JDK) y Java Runtime Environment (JRE) v5.0 Update 17 y anteriores, y v6 Update 12 y anteriores, permite a atacantes remotos acceder a archivos o ejecutar código de su elección a través de un archivo JAR con cabeceras PAck200 manipuladas. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133 http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html http://marc.info/?l=bugtraq&m=124344236532162&w=2 http://secunia.com/advisories/34489 http://secunia.co • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 15%CPEs: 153EXPL: 0CVE-2009-1093 – OpenJDK remote LDAP Denial-Of-Service (6717680)
https://notcve.org/view.php?id=CVE-2009-1093
LdapCtx in the LDAP service in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier does not close the connection when initialization fails, which allows remote attackers to cause a denial of service (LDAP service hang). LdapCtx en el servicio LDAP en Java SE Development Kit (JDK) y Java Runtime Environment (JRE) v5.0 actualización 17 y anteriores; 6 actualización 12 y anteriores; SDK y JRE v1.3.1_24 y anteriores; y v1.4.2_19 y anteriores no cierran la conexión cuando la inicialización falla, lo que permite a los atacantes remotos causar una denegación de servicio (cuelgue del servicio LDAP ). • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133 http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html http://marc.info/?l=bugtraq&m=124344236532162&w=2 http://secunia.com/advisories/34489 http://secunia.co • CWE-16: Configuration •