Rapid7 Vulnerability & Exploit Database

JRE Audio and Image File Buffer and Integer Overflow Vulnerabilities

Back to Search

JRE Audio and Image File Buffer and Integer Overflow Vulnerabilities

Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
11/05/2009
Created
07/25/2018
Added
12/18/2009
Modified
09/13/2018

Description

Multiple buffer and integer overflow vulnerabilities in the Java Runtime Environment with processing audio and image files may allow an untrusted applet or Java Web Start application to escalate privileges. For example, an untrusted applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet.

Solution(s)

  • jre-upgrade-latest

References

  • jre-upgrade-latest

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;