CVE-2019-11772
JDK: Out-of-bounds access in the String.getBytes method
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In Eclipse OpenJ9 prior to 0.15, the String.getBytes(int, int, byte[], int) method does not verify that the provided byte array is non-null nor that the provided index is in bounds when compiled by the JIT. This allows arbitrary writes to any 32-bit address or beyond the end of a byte array within Java code run under a SecurityManager.
En OpenJ9 anterior a versión 0.15 de Eclipse, el método String.getBytes (int, int, byte[], int) no comprueba que la matriz de bytes proporcionada no sea nula ni que el índice suministrado esté dentro de los límites cuando está compilado por el JIT. Esto permite escrituras arbitrarias en cualquier dirección de 32 bits o más allá del final de una matriz de bytes dentro del código Java ejecutado bajo un SecurityManager.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-05-06 CVE Reserved
- 2019-07-17 CVE Published
- 2024-07-10 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-787: Out-of-bounds Write
CAPEC
References (6)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2019:2585 | 2019-09-02 | |
| https://access.redhat.com/errata/RHSA-2019:2590 | 2019-09-02 | |
| https://access.redhat.com/errata/RHSA-2019:2592 | 2019-09-02 | |
| https://access.redhat.com/errata/RHSA-2019:2737 | 2019-09-02 | |
| https://access.redhat.com/security/cve/CVE-2019-11772 | 2019-09-11 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1738547 | 2019-09-11 |