Описание
Integer signedness error in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via crafted glyph descriptions in a Type1 font, which bypasses a signed comparison and triggers a buffer overflow.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | Sun Java only |
| gutsy | DNE | |
| hardy | not-affected | Sun Java only |
| intrepid | not-affected | Sun Java only |
| jaunty | not-affected | Sun Java only |
| karmic | not-affected | Sun Java only |
| lucid | not-affected | Sun Java only |
| upstream | not-affected | Sun Java only |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | DNE | |
| gutsy | ignored | end of life, was needs-triage |
| hardy | not-affected | 1.5.0-22-0ubuntu0.8.04 |
| intrepid | ignored | end of life, was needs-triage |
| jaunty | not-affected | 1.5.0-19-0ubuntu0.9.04 |
| karmic | DNE | |
| lucid | DNE | |
| upstream | released | 1.5.0-18 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| gutsy | ignored | end of life, was needs-triage |
| hardy | released | 6.20dlj-0ubuntu1.8.04 |
| intrepid | ignored | end of life, was needs-triage |
| jaunty | released | 6.20dlj-0ubuntu1.9.04 |
| karmic | released | 6.20dlj-0ubuntu1.9.10 |
| lucid | released | 6.20dlj-1ubuntu3 |
| upstream | released | 6.13 |
Показывать по
Ссылки на источники
EPSS
7.5 High
CVSS2
Связанные уязвимости
Integer signedness error in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via crafted glyph descriptions in a Type1 font, which bypasses a signed comparison and triggers a buffer overflow.
Integer signedness error in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via crafted glyph descriptions in a Type1 font, which bypasses a signed comparison and triggers a buffer overflow.
Integer signedness error in Java SE Development Kit (JDK) and Java Run ...
Integer signedness error in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via crafted glyph descriptions in a Type1 font, which bypasses a signed comparison and triggers a buffer overflow.
EPSS
7.5 High
CVSS2