Rapid7 Vulnerability & Exploit Database

JRE Image and Font Processing Buffer Overflows

Back to Search

JRE Image and Font Processing Buffer Overflows

Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
12/05/2008
Created
07/25/2018
Added
11/18/2009
Modified
09/13/2018

Description

Multiple buffer overflow vulnerabilities exist in the Java Runtime Environment (JRE) 6 update 10 and earlier, 5.0 update 16 and earlier, 1.4.2_18 and earlier as well as 1.3.1_23 and earlier. These have the potential to allow applets or applications to escalate their privilege, allowing these programs to read, write and execute programs and files from the local filesystem.

Solution(s)

  • jre-upgrade-latest

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;