what you don't know can hurt you
Showing 1 - 1 of 1 RSS Feed

Files

Zero Day Initiative Advisory 10-059
Posted Apr 6, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-059 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within a function responsible for creating a JPEG image encoder. The function makes an invalid assignment based on the value of the num_components element of a comp_info structure while parsing a JPEG file. It then improperly uses the original value while performing memory copy operations. By specifying certain values as the num_components field this can be exploited to gain arbitrary code execution by overflowing an undersized buffer on the heap.

tags | advisory, java, remote, overflow, arbitrary, code execution
advisories | CVE-2010-0846
MD5 | 3f11d454159ea849f3c9281293ae98e0
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Apple Drops Hong Kong Police Tracking App Used By Protesters
Posted Oct 10, 2019

tags | headline, government, phone, china, cyberwar, apple
Forum Cracks The Vintage Passwords Of Ken Thompson And Other Unix Pioneers
Posted Oct 10, 2019

tags | headline, password
Ransomware Gang Uses iTunes Zero-Day
Posted Oct 10, 2019

tags | headline, hacker, virus, fraud, flaw, patch, apple, zero day
Human Rights Activist Allegedly Targeted With NSO Malware
Posted Oct 10, 2019

tags | headline, government, privacy, cyberwar, spyware
Court Finds FBI Use Of NSA Database Violated Americans' 4th Amendment Rights
Posted Oct 9, 2019

tags | headline, government, privacy, usa, data loss, spyware, fbi, nsa
Cookie Monster Eats Data From Sesame Street Store
Posted Oct 9, 2019

tags | headline, hacker, cybercrime, data loss, fraud, backdoor
iOS 13 Tells You When Apps Are Secretly Tracking You
Posted Oct 9, 2019

tags | headline, privacy, phone, spyware, apple
Twitter Sold User Security Information To Advertisers
Posted Oct 9, 2019

tags | headline, privacy, data loss, twitter
Trump's Syria Move Blindsides National Security Leaders
Posted Oct 8, 2019

tags | headline, government, usa, turkey, terror, syria
D-Link Gear Open To Remote Takeover Will Remain Unpatched
Posted Oct 8, 2019

tags | headline, flaw, patch
View More News →
packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close