// For flags

CVE-2006-6731

 

Severity Score

9.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Multiple buffer overflows in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allow attackers to develop Java applets that read, write, or execute local files, possibly related to (1) integer overflows in the Java_sun_awt_image_ImagingLib_convolveBI, awt_parseRaster, and awt_parseColorModel functions; (2) a stack overflow in the Java_sun_awt_image_ImagingLib_lookupByteRaster function; and (3) improper handling of certain negative values in the Java_sun_font_SunLayoutEngine_nativeLayout function. NOTE: some of these details are obtained from third party information.

Múltiples desbordamientos de búfer en Sun Java Development Kit (JDK) y Java Runtime Environment (JRE) 5.0 Update 7 y anteriores, Java System Development Kit (SDK) y JRE 1.4.2_12 y anteriores a 1.4.x, y SDK y JRE 1.3.1_18 y anteriores permiten a atacantes remotos desarrollar applets de Java que lean, escriban o ejecuten ficheros locales, posiblemente relacionado con (1) desbordamientos de enteros en las funciones Java_sun_awt_image_ImagingLib_convolveBI, awt_parseRaster, y awt_parseColorModel; (2) un desbordamiento de búfer basado en pila en la función Java_sun_awt_image_ImagingLib_lookupByteRaster; y (3) manejo inadecuado de ciertos valores negativos en la función Java_sun_font_SunLayoutEngine_nativeLayout. NOTA: algunos de estos detalles se han obtenido de información de terceros.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2006-12-26 CVE Reserved
  • 2006-12-26 CVE Published
  • 2024-08-07 CVE Updated
  • 2024-08-31 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
References (31)
URL Tag Source
http://docs.info.apple.com/article.html?artnum=307177 Third Party Advisory
http://scary.beasts.org/security/CESA-2005-008.txt Third Party Advisory
http://secunia.com/advisories/23445 Third Party Advisory
http://secunia.com/advisories/23650 Third Party Advisory
http://secunia.com/advisories/23835 Third Party Advisory
http://secunia.com/advisories/24099 Third Party Advisory
http://secunia.com/advisories/24189 Third Party Advisory
http://secunia.com/advisories/24468 Third Party Advisory
http://secunia.com/advisories/25283 Third Party Advisory
http://secunia.com/advisories/25404 Third Party Advisory
http://secunia.com/advisories/28115 Third Party Advisory
http://securitytracker.com/id?1017425 Third Party Advisory
http://www.kb.cert.org/vuls/id/149457 Third Party Advisory
http://www.kb.cert.org/vuls/id/939609 Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA07-022A.html Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10134 Signature
URL Date SRC
URL Date SRC
http://www.securityfocus.com/bid/21675 2019-10-09
URL Date SRC
http://dev2dev.bea.com/pub/advisory/243 2019-10-09
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00876579 2019-10-09
http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html 2019-10-09
http://lists.suse.com/archive/suse-security-announce/2007-Jan/0003.html 2019-10-09
http://security.gentoo.org/glsa/glsa-200701-15.xml 2019-10-09
http://security.gentoo.org/glsa/glsa-200702-08.xml 2019-10-09
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1 2019-10-09
http://www.gentoo.org/security/en/glsa/glsa-200705-20.xml 2019-10-09
http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html 2019-10-09
http://www.redhat.com/support/errata/RHSA-2007-0062.html 2019-10-09
http://www.redhat.com/support/errata/RHSA-2007-0072.html 2019-10-09
http://www.redhat.com/support/errata/RHSA-2007-0073.html 2019-10-09
https://access.redhat.com/security/cve/CVE-2006-6731 2007-02-09
https://bugzilla.redhat.com/show_bug.cgi?id=1618250 2007-02-09
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 1.5.0
Search vendor "Sun" for product "Jdk" and version "1.5.0"
-
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 1.5.0
Search vendor "Sun" for product "Jdk" and version "1.5.0"
update1
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 1.5.0
Search vendor "Sun" for product "Jdk" and version "1.5.0"
update2
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 1.5.0
Search vendor "Sun" for product "Jdk" and version "1.5.0"
update3
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 1.5.0
Search vendor "Sun" for product "Jdk" and version "1.5.0"
update4
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 1.5.0
Search vendor "Sun" for product "Jdk" and version "1.5.0"
update5
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 1.5.0
Search vendor "Sun" for product "Jdk" and version "1.5.0"
update6
Affected
Sun
Search vendor "Sun"
 Jdk
Search vendor "Sun" for product "Jdk"
 1.5.0
Search vendor "Sun" for product "Jdk" and version "1.5.0"
update7
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.3.1
Search vendor "Sun" for product "Jre" and version "1.3.1"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.3.1_2
Search vendor "Sun" for product "Jre" and version "1.3.1_2"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.3.1_03
Search vendor "Sun" for product "Jre" and version "1.3.1_03"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.3.1_04
Search vendor "Sun" for product "Jre" and version "1.3.1_04"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.3.1_05
Search vendor "Sun" for product "Jre" and version "1.3.1_05"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.3.1_06
Search vendor "Sun" for product "Jre" and version "1.3.1_06"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.3.1_07
Search vendor "Sun" for product "Jre" and version "1.3.1_07"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.3.1_08
Search vendor "Sun" for product "Jre" and version "1.3.1_08"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.3.1_09
Search vendor "Sun" for product "Jre" and version "1.3.1_09"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.3.1_10
Search vendor "Sun" for product "Jre" and version "1.3.1_10"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.3.1_11
Search vendor "Sun" for product "Jre" and version "1.3.1_11"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.3.1_12
Search vendor "Sun" for product "Jre" and version "1.3.1_12"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.3.1_13
Search vendor "Sun" for product "Jre" and version "1.3.1_13"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.3.1_14
Search vendor "Sun" for product "Jre" and version "1.3.1_14"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.3.1_15
Search vendor "Sun" for product "Jre" and version "1.3.1_15"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.3.1_16
Search vendor "Sun" for product "Jre" and version "1.3.1_16"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.3.1_17
Search vendor "Sun" for product "Jre" and version "1.3.1_17"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.3.1_18
Search vendor "Sun" for product "Jre" and version "1.3.1_18"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2
Search vendor "Sun" for product "Jre" and version "1.4.2"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_1
Search vendor "Sun" for product "Jre" and version "1.4.2_1"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_2
Search vendor "Sun" for product "Jre" and version "1.4.2_2"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_3
Search vendor "Sun" for product "Jre" and version "1.4.2_3"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_4
Search vendor "Sun" for product "Jre" and version "1.4.2_4"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_5
Search vendor "Sun" for product "Jre" and version "1.4.2_5"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_6
Search vendor "Sun" for product "Jre" and version "1.4.2_6"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_7
Search vendor "Sun" for product "Jre" and version "1.4.2_7"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_8
Search vendor "Sun" for product "Jre" and version "1.4.2_8"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_9
Search vendor "Sun" for product "Jre" and version "1.4.2_9"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_10
Search vendor "Sun" for product "Jre" and version "1.4.2_10"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_11
Search vendor "Sun" for product "Jre" and version "1.4.2_11"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.4.2_12
Search vendor "Sun" for product "Jre" and version "1.4.2_12"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.5.0
Search vendor "Sun" for product "Jre" and version "1.5.0"
-
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.5.0
Search vendor "Sun" for product "Jre" and version "1.5.0"
update1
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.5.0
Search vendor "Sun" for product "Jre" and version "1.5.0"
update2
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.5.0
Search vendor "Sun" for product "Jre" and version "1.5.0"
update3
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.5.0
Search vendor "Sun" for product "Jre" and version "1.5.0"
update4
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.5.0
Search vendor "Sun" for product "Jre" and version "1.5.0"
update5
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.5.0
Search vendor "Sun" for product "Jre" and version "1.5.0"
update6
Affected
Sun
Search vendor "Sun"
 Jre
Search vendor "Sun" for product "Jre"
 1.5.0
Search vendor "Sun" for product "Jre" and version "1.5.0"
update7
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.3.1
Search vendor "Sun" for product "Sdk" and version "1.3.1"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.3.1_01
Search vendor "Sun" for product "Sdk" and version "1.3.1_01"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.3.1_01a
Search vendor "Sun" for product "Sdk" and version "1.3.1_01a"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.3.1_02
Search vendor "Sun" for product "Sdk" and version "1.3.1_02"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.3.1_03
Search vendor "Sun" for product "Sdk" and version "1.3.1_03"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.3.1_04
Search vendor "Sun" for product "Sdk" and version "1.3.1_04"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.3.1_05
Search vendor "Sun" for product "Sdk" and version "1.3.1_05"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.3.1_06
Search vendor "Sun" for product "Sdk" and version "1.3.1_06"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.3.1_07
Search vendor "Sun" for product "Sdk" and version "1.3.1_07"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.3.1_08
Search vendor "Sun" for product "Sdk" and version "1.3.1_08"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.3.1_09
Search vendor "Sun" for product "Sdk" and version "1.3.1_09"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.3.1_10
Search vendor "Sun" for product "Sdk" and version "1.3.1_10"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.3.1_11
Search vendor "Sun" for product "Sdk" and version "1.3.1_11"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.3.1_12
Search vendor "Sun" for product "Sdk" and version "1.3.1_12"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.3.1_13
Search vendor "Sun" for product "Sdk" and version "1.3.1_13"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.3.1_14
Search vendor "Sun" for product "Sdk" and version "1.3.1_14"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.3.1_15
Search vendor "Sun" for product "Sdk" and version "1.3.1_15"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.3.1_16
Search vendor "Sun" for product "Sdk" and version "1.3.1_16"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.3.1_17
Search vendor "Sun" for product "Sdk" and version "1.3.1_17"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.3.1_18
Search vendor "Sun" for product "Sdk" and version "1.3.1_18"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2
Search vendor "Sun" for product "Sdk" and version "1.4.2"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_1
Search vendor "Sun" for product "Sdk" and version "1.4.2_1"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_2
Search vendor "Sun" for product "Sdk" and version "1.4.2_2"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_3
Search vendor "Sun" for product "Sdk" and version "1.4.2_3"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_4
Search vendor "Sun" for product "Sdk" and version "1.4.2_4"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_5
Search vendor "Sun" for product "Sdk" and version "1.4.2_5"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_6
Search vendor "Sun" for product "Sdk" and version "1.4.2_6"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_7
Search vendor "Sun" for product "Sdk" and version "1.4.2_7"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_8
Search vendor "Sun" for product "Sdk" and version "1.4.2_8"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_9
Search vendor "Sun" for product "Sdk" and version "1.4.2_9"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_10
Search vendor "Sun" for product "Sdk" and version "1.4.2_10"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_11
Search vendor "Sun" for product "Sdk" and version "1.4.2_11"
-
Affected
Sun
Search vendor "Sun"
 Sdk
Search vendor "Sun" for product "Sdk"
 1.4.2_12
Search vendor "Sun" for product "Sdk" and version "1.4.2_12"
-
Affected