CVE-2007-2788

Severity

68%

Complexity

86%

Confidentiality

106%

Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow.

Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow.

CVSS 2.0 Base Score 6.8. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P).

Overview

First reported 17 years ago

2007-05-22 00:30:00

Last updated 5 years ago

2019-08-01 12:21:00

Affected Software

Sun JDK 1.5.0

1.5.0

Sun JDK 5.0 Update1

1.5.0

Sun JDK 5.0 Update10

1.5.0

Sun JDK 5.0 Update2

1.5.0

Sun JDK 5.0 Update3

1.5.0

Sun JDK 5.0 Update4

1.5.0

Sun JDK 5.0 Update5

1.5.0

Sun JDK 1.5.0_6

1.5.0

Sun JDK 5.0 Update7

1.5.0

Sun JDK 5.0 Update8

1.5.0

Sun JDK 5.0 Update9

1.5.0

Sun JDK 1.6.0

1.6.0

Sun JRE 1.3.1

1.3.1

Sun JRE 1.3.1_2

1.3.1_2

Sun JRE 1.3.1_03

1.3.1_03

Sun JRE 1.3.1_04

1.3.1_04

Sun JRE 1.3.1_05

1.3.1_05

Sun JRE 1.3.1_06

1.3.1_06

Sun JRE 1.3.1_07

1.3.1_07

Sun JRE 1.3.1_08

1.3.1_08

Sun JRE 1.3.1_09

1.3.1_09

Sun JRE 1.3.1_10

1.3.1_10

Sun JRE 1.3.1_11

1.3.1_11

Sun JRE 1.3.1_12

1.3.1_12

Sun JRE 1.3.1_13

1.3.1_13

Sun JRE 1.3.1_14

1.3.1_14

Sun JRE 1.3.1_15

1.3.1_15

Sun JRE 1.3.1_16

1.3.1_16

Sun JRE 1.3.1_17

1.3.1_17

Sun JRE 1.3.1_18

1.3.1_18

Sun JRE 1.3.1_19

1.3.1_19

Sun JRE 1.3.1_20

1.3.1_20

Sun JRE 1.4.2

1.4.2

Sun JRE 1.4.2_1

1.4.2_1

Sun JRE 1.4.2_2

1.4.2_2

Sun JRE 1.4.2_3

1.4.2_3

Sun JRE 1.4.2_4

1.4.2_4

Sun JRE 1.4.2_5

1.4.2_5

Sun JRE 1.4.2_6

1.4.2_6

Sun JRE 1.4.2_7

1.4.2_7

Sun JRE 1.4.2_8

1.4.2_8

Sun JRE 1.4.2_9

1.4.2_9

Sun JRE 1.4.2_10

1.4.2_10

Sun JRE 1.4.2_11

1.4.2_11

Sun JRE 1.4.2_12

1.4.2_12

Sun JRE 1.4.2_13

1.4.2_13

Sun JRE 1.4.2_14

1.4.2_14

Sun JRE 1.5.0

1.5.0

Sun JRE 1.5.0_1 (JRE 5.0 Update 1)

1.5.0

Sun JRE 1.5.0_10 (JRE 5.0 Update 10)

1.5.0

Sun JRE 1.5.0_2 (JRE 5.0 Update 2)

1.5.0

Sun JRE 1.5.0_3 (JRE 5.0 Update 3)

1.5.0

Sun JRE 1.5.0_4 (JRE 5.0 Update 4)

1.5.0

Sun JRE 1.5.0_5 (JRE 5.0 Update 5)

1.5.0

Sun JRE 1.5.0_6 (JRE 5.0 Update 6)

1.5.0

Sun JRE 1.5.0_7 (JRE 5.0 Update 7)

1.5.0

Sun JRE 1.5.0_8 (JRE 5.0 Update 8)

1.5.0

Sun JRE 1.5.0_9 (JRE 5.0 Update 9)

1.5.0

Sun JRE 1.6.0

1.6.0

Sun SDK 1.3.1

1.3.1

Sun SDK 1.3.1_01

1.3.1_01

Sun SDK 1.3.1_01a

1.3.1_01a

Sun SDK 1.3.1_02

1.3.1_02

Sun SDK 1.3.1_03

1.3.1_03

Sun SDK 1.3.1_04

1.3.1_04

Sun SDK 1.3.1_05

1.3.1_05

Sun SDK 1.3.1_06

1.3.1_06

Sun SDK 1.3.1_07

1.3.1_07

Sun SDK 1.3.1_08

1.3.1_08

Sun SDK 1.3.1_09

1.3.1_09

Sun SDK 1.3.1_10

1.3.1_10

Sun SDK 1.3.1_11

1.3.1_11

Sun SDK 1.3.1_12

1.3.1_12

Sun SDK 1.3.1_13

1.3.1_13

Sun SDK 1.3.1_14

1.3.1_14

Sun SDK 1.3.1_15

1.3.1_15

Sun SDK 1.3.1_16

1.3.1_16

Sun SDK 1.3.1_17

1.3.1_17

Sun SDK 1.3.1_18

1.3.1_18

Sun SDK 1.3.1_19

1.3.1_19

Sun SDK 1.3.1_20

1.3.1_20

SDK 1.4.2

1.4.2

Sun SDK 1.4.2_1

1.4.2_1

Sun SDK 1.4.2_2

1.4.2_2

Sun SDK 1.4.2_3

1.4.2_3

Sun SDK 1.4.2_4

1.4.2_4

Sun SDK 1.4.2_5

1.4.2_5

Sun SDK 1.4.2_6

1.4.2_6

Sun SDK 1.4.2_7

1.4.2_7

Sun SDK 1.4.2_8

1.4.2_8

Sun SDK 1.4.2_9

1.4.2_9

Sun SDK 1.4.2_10

1.4.2_10

Sun SDK 1.4.2_11

1.4.2_11

Sun SDK 1.4.2_12

1.4.2_12

Sun SDK 1.4.2_13

1.4.2_13

Sun SDK 1.4.2_14

1.4.2_14

References

BEA07-177.00

Third Party Advisory

http://docs.info.apple.com/article.html?artnum=307177

Broken Link

APPLE-SA-2007-12-14

Mailing List, Third Party Advisory

[Security-announce] 20080107 VMSA-2008-0002 Low severity security update for VirtualCenter and ESX Server 3.0.2, and ESX 3.0.1

Mailing List, Third Party Advisory

http://scary.beasts.org/security/CESA-2006-004.html

Third Party Advisory

25295

Patch, Third Party Advisory

25474

Third Party Advisory

25832

Third Party Advisory

26049

Third Party Advisory

26119

Third Party Advisory

26311

Third Party Advisory

26369

Third Party Advisory

26631

Third Party Advisory

26645

Third Party Advisory

26933

Third Party Advisory

27203

Third Party Advisory

27266

Third Party Advisory

28056

Third Party Advisory

28115

Third Party Advisory

28365

Third Party Advisory

29340

Third Party Advisory

29858

Third Party Advisory

30780

Third Party Advisory

30805

Third Party Advisory

GLSA-200706-08

Third Party Advisory

GLSA-200804-28

Third Party Advisory

102934

Broken Link

200856

Broken Link

http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html

Third Party Advisory

http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html

Third Party Advisory

20071218 Sun JDK Confusion Revisited

Third Party Advisory

20070703 Sun JDK Confusion

Third Party Advisory

20070704 [theall at tenablesecurity.com: Sun JDK Confusion] (fwd)

Third Party Advisory

20070711 Sun JDK Confusion

Third Party Advisory

GLSA-200705-23

Third Party Advisory

GLSA-200709-15

Third Party Advisory

GLSA-200804-20

Third Party Advisory

GLSA-200806-11

Third Party Advisory

VU#138545

Third Party Advisory, US Government Resource

SUSE-SA:2007:045

Third Party Advisory

SUSE-SA:2007:056

Third Party Advisory

RHSA-2007:0817

Third Party Advisory

RHSA-2007:0829

Third Party Advisory

RHSA-2007:0956

Third Party Advisory

RHSA-2007:1086

Third Party Advisory

RHSA-2008:0100

Third Party Advisory

RHSA-2008:0133

Third Party Advisory

RHSA-2008:0261

Third Party Advisory

24004

Third Party Advisory, VDB Entry

24267

Third Party Advisory, VDB Entry

1018182

Third Party Advisory, VDB Entry

ADV-2007-1836

Permissions Required

ADV-2007-3009

Permissions Required

ADV-2007-4224

Permissions Required

ADV-2008-0065

Permissions Required

sunjava-iccprofile-overflow(34318)

Third Party Advisory, VDB Entry

sun-java-image-bo(34652)

Third Party Advisory, VDB Entry

oval:org.mitre.oval:def:11700

Third Party Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.