CVE Vulnerabilities

CVE-2007-2789

Published: May 22, 2007 | Modified: Aug 01, 2019
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The BMP image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_19 and earlier, when running on Unix/Linux systems, allows remote attackers to cause a denial of service (JVM hang) via untrusted applets or applications that open arbitrary local files via a crafted BMP file, such as /dev/tty.

Affected Software

Name Vendor Start Version End Version
Jdk Sun 1.5.0 1.5.0
Jdk Sun 1.5.0 1.5.0
Jdk Sun 1.5.0 1.5.0
Jdk Sun 1.5.0 1.5.0
Jdk Sun 1.5.0 1.5.0
Jdk Sun 1.5.0 1.5.0
Jdk Sun 1.5.0 1.5.0
Jdk Sun 1.5.0 1.5.0
Jdk Sun 1.5.0 1.5.0
Jdk Sun 1.5.0 1.5.0
Jdk Sun 1.5.0 1.5.0
Jdk Sun 1.6.0 1.6.0

References