CVE-2009-0794

CWE-189CWE-190 ā€” Integer Overflow5 documents5 sources
Severity
5.0MEDIUM
EPSS
1.9%
top 16.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SUN Openjdk
Timeline
PublishedApr 13
Latest updateMay 2

Description

Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLine.java in Pulse-Java, as used in OpenJDK 1.6.0.0 and other products, allows remote attackers to cause a denial of service (applet crash) via a crafted Pulse Audio source data line.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

ā–¶NVDsun/openjdk1.6.0.0

šŸ”“Vulnerability Details

2
GHSA
GHSA-v359-jmw6-pq5h: Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLineā†—2022-05-02
ā–¶
CVEList
CVE-2009-0794: Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLineā†—2009-04-13
ā–¶

šŸ“‹Vendor Advisories

1
Red Hat
pulse-java integer overflowā†—2009-02-11
ā–¶

šŸ’¬Community

1
Bugzilla
CVE-2009-0794 pulse-java integer overflowā†—2009-03-26
ā–¶
CVE-2009-0794 (MEDIUM CVSS 5) | Integer overflow in the PulseAudioT | cvebase.io