Vulnerabilities > SUN > Java SE

DATE CVE VULNERABILITY TITLE RISK
2009-11-05 CVE-2009-3874 Numeric Errors vulnerability in SUN Jdk, JRE and SDK
Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643.
network
sun microsoft CWE-189
critical
9.3
2009-11-05 CVE-2009-3873 Buffer Errors vulnerability in SUN Jdk, JRE and SDK
The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a "quantization problem," aka Bug Id 6862968.
network
sun microsoft CWE-119
critical
9.3
2009-11-05 CVE-2009-3872 Multiple Security vulnerability in SUN Jdk, JRE and SDK
Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969.
network
sun microsoft
critical
9.3
2009-11-05 CVE-2009-3871 Buffer Errors vulnerability in SUN Jdk, JRE and SDK
Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358.
network
sun microsoft CWE-119
critical
9.3
2009-11-05 CVE-2009-3869 Buffer Errors vulnerability in SUN Jdk, JRE and SDK
Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357.
network
sun microsoft CWE-119
critical
9.3
2009-11-05 CVE-2009-3868 Buffer Errors vulnerability in SUN Jdk, JRE and SDK
Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970.
network
sun microsoft CWE-119
critical
9.3
2009-11-05 CVE-2009-3867 Buffer Errors vulnerability in SUN Jdk, JRE and SDK
Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303.
network
sun microsoft CWE-119
critical
9.3
2009-08-10 CVE-2009-2724 Race Condition vulnerability in SUN Java SE
Race condition in the java.lang package in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, related to a "3Y Race condition in reflection checks."
network
sun CWE-362
critical
9.3
2009-08-10 CVE-2009-2723 Unspecified vulnerability in SUN Java SE
Unspecified vulnerability in deserialization in the Provider class in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, aka BugId 6444262.
network
low complexity
sun
critical
10.0
2009-08-10 CVE-2009-2722 Unspecified vulnerability in SUN Java SE
Multiple unspecified vulnerabilities in the Provider class in Sun Java SE 5.0 before Update 20 have unknown impact and attack vectors, aka BugId 6429594.
network
low complexity
sun
critical
10.0