CVE-2009-2674
published 2009-08-05CVE-2009-2674: Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| oracle | bea_product_suite | — | — |
| sun | jdk | — | — |
| sun | jdk | — | — |
| sun | jre | — | — |