Showing 1 - 3 of 3

CVE-2009-3728

Status Candidate

Overview

Directory traversal vulnerability in the ICC_Profile.getInstance method in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local International Color Consortium (ICC) profile files via a .. (dot dot) in a pathname, aka Bug Id 6631533.

Related Files

Mandriva Linux Security Advisory 2010-084: Posted Apr 28, 2010; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2010-084 - Multiple Java OpenJDK security vulnerabilities have been identified and fixed. Packages for 2009.0 are provided due to the Extended Maintenance Program.; tags | advisory, java, vulnerability; systems | linux, mandriva; advisories | CVE-2009-2409, CVE-2009-3555, CVE-2009-3728, CVE-2009-3869, CVE-2009-3871, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, CVE-2009-3877, CVE-2009-3879, CVE-2009-3880, CVE-2009-3881, CVE-2009-3882, CVE-2009-3883, CVE-2009-3884, CVE-2009-3885, CVE-2010-0082; SHA-256 | 312b3c1da3613bba6dee3a18734818e0ba9d2e9be62220fe962af073b0b2a26f; Download | Favorite | View

Netragard Security Advisory 2009-12-19: Posted Dec 30, 2009; Authored by Adriel T. Desautels, Netragard | Site netragard.com; Netragard, L.L.C Advisory - Mac OS X Java Runtime suffers from buffer overflows that allow for remote code execution.; tags | exploit, java, remote, overflow, code execution; systems | apple, osx; advisories | CVE-2009-3869, CVE-2009-3871, CVE-2009-3875, CVE-2009-3874, CVE-2009-3728, CVE-2009-3872, CVE-2009-3868, CVE-2009-3867, CVE-2009-3884, CVE-2009-3873, CVE-2009-3877, CVE-2009-3865, CVE-2009-3866; SHA-256 | b4e62b2f700ce3815f78c1991849fbb9ad953a16a199be95b8d4740f1b5ad9a7; Download | Favorite | View

Ubuntu Security Notice 859-1: Posted Nov 18, 2009; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 859-1 - Dan Kaminsky discovered that SSL certificates signed with MD2 could be spoofed given enough time. It was discovered that ICC profiles could be identified with ".." pathnames. Peter Vreugdenhil discovered multiple flaws in the processing of graphics in the AWT library. Multiple flaws were discovered in JPEG and BMP image handling. Multiple flaws were discovered in ASN.1 parsing. It was discovered that the graphics configuration subsystem did not correctly handle arrays.; tags | advisory, spoof; systems | linux, ubuntu; advisories | CVE-2009-2409, CVE-2009-3728, CVE-2009-3869, CVE-2009-3871, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, CVE-2009-3877, CVE-2009-3879, CVE-2009-3880, CVE-2009-3881, CVE-2009-3882, CVE-2009-3883, CVE-2009-3884, CVE-2009-3885; SHA-256 | 3a2e680a13f977b81a1d37e61bc6bdfa08463e69eae900c81456f8f673c77864; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 194 files
Ubuntu 67 files
Debian 24 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
malvuln 4 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,011)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,194)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,473)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,437)
UNIX (9,390)
UnixWare (187)
Windows (6,649)
Other

CVE-2009-3728

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems