Showing 1 - 3 of 3

CVE-2009-3728

Status Candidate

Overview

Directory traversal vulnerability in the ICC_Profile.getInstance method in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local International Color Consortium (ICC) profile files via a .. (dot dot) in a pathname, aka Bug Id 6631533.

Related Files

Mandriva Linux Security Advisory 2010-084: Posted Apr 28, 2010; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2010-084 - Multiple Java OpenJDK security vulnerabilities have been identified and fixed. Packages for 2009.0 are provided due to the Extended Maintenance Program.; tags | advisory, java, vulnerability; systems | linux, mandriva; advisories | CVE-2009-2409, CVE-2009-3555, CVE-2009-3728, CVE-2009-3869, CVE-2009-3871, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, CVE-2009-3877, CVE-2009-3879, CVE-2009-3880, CVE-2009-3881, CVE-2009-3882, CVE-2009-3883, CVE-2009-3884, CVE-2009-3885, CVE-2010-0082; SHA-256 | 312b3c1da3613bba6dee3a18734818e0ba9d2e9be62220fe962af073b0b2a26f; Download | Favorite | View

Netragard Security Advisory 2009-12-19: Posted Dec 30, 2009; Authored by Adriel T. Desautels, Netragard | Site netragard.com; Netragard, L.L.C Advisory - Mac OS X Java Runtime suffers from buffer overflows that allow for remote code execution.; tags | exploit, java, remote, overflow, code execution; systems | apple, osx; advisories | CVE-2009-3869, CVE-2009-3871, CVE-2009-3875, CVE-2009-3874, CVE-2009-3728, CVE-2009-3872, CVE-2009-3868, CVE-2009-3867, CVE-2009-3884, CVE-2009-3873, CVE-2009-3877, CVE-2009-3865, CVE-2009-3866; SHA-256 | b4e62b2f700ce3815f78c1991849fbb9ad953a16a199be95b8d4740f1b5ad9a7; Download | Favorite | View

Ubuntu Security Notice 859-1: Posted Nov 18, 2009; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 859-1 - Dan Kaminsky discovered that SSL certificates signed with MD2 could be spoofed given enough time. It was discovered that ICC profiles could be identified with ".." pathnames. Peter Vreugdenhil discovered multiple flaws in the processing of graphics in the AWT library. Multiple flaws were discovered in JPEG and BMP image handling. Multiple flaws were discovered in ASN.1 parsing. It was discovered that the graphics configuration subsystem did not correctly handle arrays.; tags | advisory, spoof; systems | linux, ubuntu; advisories | CVE-2009-2409, CVE-2009-3728, CVE-2009-3869, CVE-2009-3871, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, CVE-2009-3877, CVE-2009-3879, CVE-2009-3880, CVE-2009-3881, CVE-2009-3882, CVE-2009-3883, CVE-2009-3884, CVE-2009-3885; SHA-256 | 3a2e680a13f977b81a1d37e61bc6bdfa08463e69eae900c81456f8f673c77864; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 237 files
indoushka 172 files
Jay Turla 150 files
Ubuntu 78 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,114)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,124)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (389)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,237)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,845)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,852)
UNIX (9,456)
UnixWare (188)
Windows (6,772)
Other

CVE-2009-3728

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems