Integer overflow in the JAR unpacking utility (unpack200) in the unpack library (unpack.dll) in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted applications and applets to gain privileges via a Pack200 compressed JAR file that triggers a heap-based buffer overflow.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Jdk | Sun | * | 5.0 (including) |
Jdk | Sun | * | 6 (including) |
Jdk | Sun | 5.0-update_1 (including) | 5.0-update_1 (including) |
Jdk | Sun | 5.0-update_10 (including) | 5.0-update_10 (including) |
Jdk | Sun | 5.0-update_11 (including) | 5.0-update_11 (including) |
Jdk | Sun | 5.0-update_12 (including) | 5.0-update_12 (including) |
Jdk | Sun | 5.0-update_13 (including) | 5.0-update_13 (including) |
Jdk | Sun | 5.0-update_14 (including) | 5.0-update_14 (including) |
Jdk | Sun | 5.0-update_15 (including) | 5.0-update_15 (including) |
Jdk | Sun | 5.0-update_2 (including) | 5.0-update_2 (including) |
Jdk | Sun | 5.0-update_3 (including) | 5.0-update_3 (including) |
Jdk | Sun | 6 (including) | 6 (including) |
Jdk | Sun | 6-update_1 (including) | 6-update_1 (including) |
Jdk | Sun | 6-update_2 (including) | 6-update_2 (including) |
Jdk | Sun | 6-update_3 (including) | 6-update_3 (including) |
Jdk | Sun | 6-update_4 (including) | 6-update_4 (including) |
Jdk | Sun | 6-update_5 (including) | 6-update_5 (including) |
Jdk | Sun | 6-update_6 (including) | 6-update_6 (including) |
Jdk | Sun | 6-update_7 (including) | 6-update_7 (including) |
Jdk | Sun | 6-update_8 (including) | 6-update_8 (including) |
Jre | Sun | * | 5.0 (including) |
Jre | Sun | * | 6 (including) |
Jre | Sun | 5.0 (including) | 5.0 (including) |
Jre | Sun | 5.0-update_1 (including) | 5.0-update_1 (including) |
Jre | Sun | 5.0-update_10 (including) | 5.0-update_10 (including) |
Jre | Sun | 5.0-update_11 (including) | 5.0-update_11 (including) |
Jre | Sun | 5.0-update_12 (including) | 5.0-update_12 (including) |
Jre | Sun | 5.0-update_13 (including) | 5.0-update_13 (including) |
Jre | Sun | 5.0-update_14 (including) | 5.0-update_14 (including) |
Jre | Sun | 5.0-update_15 (including) | 5.0-update_15 (including) |
Jre | Sun | 5.0-update_2 (including) | 5.0-update_2 (including) |
Jre | Sun | 6 (including) | 6 (including) |
Jre | Sun | 6-update_1 (including) | 6-update_1 (including) |
Jre | Sun | 6-update_2 (including) | 6-update_2 (including) |
Jre | Sun | 6-update_3 (including) | 6-update_3 (including) |
Jre | Sun | 6-update_4 (including) | 6-update_4 (including) |
Jre | Sun | 6-update_5 (including) | 6-update_5 (including) |
Jre | Sun | 6-update_6 (including) | 6-update_6 (including) |
Jre | Sun | 6-update_7 (including) | 6-update_7 (including) |
Jre | Sun | 6-update_8 (including) | 6-update_8 (including) |