Back to search

JRE Multiple Overflows

Severity CVSS Published Added Modified
9 (AV:N/AC:M/Au:N/C:C/I:C/A:C) November 05, 2009 November 18, 2009 July 16, 2012

Available Exploits 

Description

The Java Runtime Environment (JRE) 6 update 16 and earlier, 5.0 update 21 and earlier, 1.4.2_23 and earlier as well as 1.3.1_26 and earlier suffer from a series of buffer overflow and integer overflow vulnerabilities. These flaws can be potentially leveraged to execute arbitrary code.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

  • Oracle JRE >= 1.6.0.0 and < 1.6.0.17

    Upgrade to Oracle Java version 1.6.0.17

    Upgrade your copy of the Java Runtime Environment to 1.6.0.17, which can be downloaded from here.

  • Oracle JRE >= 1.5.0.0 and < 1.5.0.22

    Upgrade to Oracle Java version 1.5.0.22

    Upgrade your copy of the Java Runtime Environment to 1.5.0.22, which can be downloaded from here.

  • Oracle JRE >= 1.4.0.0 and < 1.4.2.24

    Upgrade to Oracle Java version 1.4.2.24

    Upgrade your copy of the Java Runtime Environment to 1.4.2.24, which can be downloaded from here. Note that this version requires Oracle Java SE Support, otherwise it is recommended to upgrade to the latest public JRE.

  • Oracle JRE >= 1.3.0.0 and < 1.3.1.27

    Upgrade to Oracle Java version 1.3.1.27

    Upgrade your copy of the Java Runtime Environment to 1.3.1.27, which can be downloaded from here.

Related Vulnerabilities