CVE-2009-1097Improper Restriction of Operations within the Bounds of a Memory Buffer in JDK

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-823Use of Out-of-range Pointer Offset8 documents8 sources
Severity
9.3CRITICALNVD
EPSS
4.7%
top 10.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SUN JDKSUN JRE
Timeline
PublishedMar 25
Latest updateMay 2

Description

Multiple buffer overflows in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via (1) a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen, aka CR 6804996; and (2) a crafted GIF image from which unspecified values are used in calculation of offsets, leading to object-pointer corruption, aka CR 6804997.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDsun/jdk1.6.0+1
NVDsun/jre1.6.0+1

Patches

Patch: sunsolve.sun.comPatch: sunsolve.sun.com

🔴Vulnerability Details

2
GHSA
GHSA-q7x4-hch5-5w3x: Multiple buffer overflows in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allow remote attackers to access2022-05-02
CVEList
CVE-2009-1097: Multiple buffer overflows in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allow remote attackers to access2009-03-25

💥Exploits & PoCs

1
Exploit-DB
Apple iTunes 8.1.x - 'daap' Remote Buffer Overflow2010-01-14

📋Vendor Advisories

2
Ubuntu
OpenJDK vulnerabilities2009-03-26
Red Hat
OpenJDK: PNG and GIF processing buffer overflow vulnerabilities (6804996, 6804997)2009-03-25

📐Framework References

1
CWE
Use of Out-of-range Pointer Offset

💬Community

1
Bugzilla
CVE-2009-1097 OpenJDK: PNG and GIF processing buffer overflow vulnerabilities (6804996, 6804997)2009-03-13
CVE-2009-1097 — SUN JDK vulnerability | cvebase