what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

CVE-2009-3728

Status Candidate

Overview

Directory traversal vulnerability in the ICC_Profile.getInstance method in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local International Color Consortium (ICC) profile files via a .. (dot dot) in a pathname, aka Bug Id 6631533.

Related Files

Mandriva Linux Security Advisory 2010-084
Posted Apr 28, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-084 - Multiple Java OpenJDK security vulnerabilities have been identified and fixed. Packages for 2009.0 are provided due to the Extended Maintenance Program.

tags | advisory, java, vulnerability
systems | linux, mandriva
advisories | CVE-2009-2409, CVE-2009-3555, CVE-2009-3728, CVE-2009-3869, CVE-2009-3871, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, CVE-2009-3877, CVE-2009-3879, CVE-2009-3880, CVE-2009-3881, CVE-2009-3882, CVE-2009-3883, CVE-2009-3884, CVE-2009-3885, CVE-2010-0082
SHA-256 | 312b3c1da3613bba6dee3a18734818e0ba9d2e9be62220fe962af073b0b2a26f
Netragard Security Advisory 2009-12-19
Posted Dec 30, 2009
Authored by Adriel T. Desautels, Netragard | Site netragard.com

Netragard, L.L.C Advisory - Mac OS X Java Runtime suffers from buffer overflows that allow for remote code execution.

tags | exploit, java, remote, overflow, code execution
systems | apple, osx
advisories | CVE-2009-3869, CVE-2009-3871, CVE-2009-3875, CVE-2009-3874, CVE-2009-3728, CVE-2009-3872, CVE-2009-3868, CVE-2009-3867, CVE-2009-3884, CVE-2009-3873, CVE-2009-3877, CVE-2009-3865, CVE-2009-3866
SHA-256 | b4e62b2f700ce3815f78c1991849fbb9ad953a16a199be95b8d4740f1b5ad9a7
Ubuntu Security Notice 859-1
Posted Nov 18, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 859-1 - Dan Kaminsky discovered that SSL certificates signed with MD2 could be spoofed given enough time. It was discovered that ICC profiles could be identified with ".." pathnames. Peter Vreugdenhil discovered multiple flaws in the processing of graphics in the AWT library. Multiple flaws were discovered in JPEG and BMP image handling. Multiple flaws were discovered in ASN.1 parsing. It was discovered that the graphics configuration subsystem did not correctly handle arrays.

tags | advisory, spoof
systems | linux, ubuntu
advisories | CVE-2009-2409, CVE-2009-3728, CVE-2009-3869, CVE-2009-3871, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, CVE-2009-3877, CVE-2009-3879, CVE-2009-3880, CVE-2009-3881, CVE-2009-3882, CVE-2009-3883, CVE-2009-3884, CVE-2009-3885
SHA-256 | 3a2e680a13f977b81a1d37e61bc6bdfa08463e69eae900c81456f8f673c77864
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    6 Files
  • 28
    May 28th
    12 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close