|Sun Java Runtime Environment JPEG图像处理整数溢出漏洞

Sun Java Runtime Environment JPEG图像处理整数溢出漏洞

- AV AC AU C I A

发布： 2025-04-13

修订： 2025-04-13

Bugraq ID: 35942 Sun Java Runtime Environment是一款为JAVA应用程序提供可靠的运行环境的解决方案。 Sun Java Runtime Environment负责处理装载WebStart应用程序的定制JPEG的代码存在缺陷，远程攻击者可以利用漏洞以登录用户安全上下文执行任意指令。当处理splash screen时，Javaws.exe错误计算大小并用于之后的缓冲区分配，在之后的解压缩过程中，Java Web Start会写数据到错误分配的缓冲区中，导致基于堆的缓冲区溢出，并以当前用户安全上下文执行任意指令。 Sun JRE 6.0 Update 7 Sun JRE 6.0 Update 6 Sun JRE 6.0 Update 5 Sun JRE 6.0 Update 4 Sun JRE 6.0 Update 3 Sun JRE 6.0 Update 2 Sun JRE 6.0 Update 14 Sun JRE 6.0 Update 13 Sun JRE 6.0 Update 12 Sun JRE 6.0 Update 11 Sun JRE 6.0 Update 10 Sun JRE 6.0 Update 1 Sun JDK (Windows Production Release) 1.6.0_03 Sun JDK (Windows Production Release) 1.6.0_02 Sun JDK (Windows Production Release) 1.6.0_01-b06 Sun JDK (Windows Production Release) 1.6.0_01 Sun JDK (Solaris Production Release) 1.6.0_03 Sun JDK (Solaris Production Release) 1.6.0_02 Sun JDK (Solaris Production Release) 1.6.0_01 Sun JDK (Linux Production Release) 1.6.0_03 Sun JDK (Linux Production Release) 1.6.0_02 Sun JDK (Linux Production Release) 1.6.0_01 Sun JDK 6.0 Update 7 Sun JDK 6.0 Update 6 Sun JDK 6.0 Update 5 Sun JDK 6.0 Update 4 Sun JDK 6.0 Update 3 Sun JDK 6.0 Update 2 Sun JDK 6.0 Update 14 Sun JDK 6.0 Update 13 Sun JDK 6.0 Update 11 Sun JDK 6.0 Update 10 Sun JDK 6.0 Update 1 Sun JDK 6.0 用户可参考如下升级程序： Sun JDK (Windows Production Release) 1.6.0_02 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JDK (Linux Production Release) 1.6.0_03 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JRE 6.0 Update 2 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JDK 6.0 Update 11 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JDK 6.0 Update 6 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JRE 6.0 Update 5 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JDK 6.0 Update 2 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JDK (Windows Production Release) 1.6.0_03 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JRE 6.0 Update 10 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JRE 6.0 Update 4 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JDK (Linux Production Release) 1.6.0_01 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JDK 6.0 Update 1 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JDK 6.0 Update 10 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JRE 6.0 Update 11 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JDK 6.0 Update 3 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JDK 6.0 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JDK (Solaris Production Release) 1.6.0_03 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JRE 6.0 Update 6 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JDK (Windows Production Release) 1.6.0_01 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JDK (Solaris Production Release) 1.6.0_02 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JDK 6.0 Update 7 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JDK 6.0 Update 14 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JDK 6.0 Update 13 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JRE 6.0 Update 12 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JRE 6.0 Update 3 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JRE 6.0 Update 7 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JDK (Linux Production Release) 1.6.0_02 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JDK 6.0 Update 4 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JRE 6.0 Update 13 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JDK (Solaris Production Release) 1.6.0_01 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JDK (Windows Production Release) 1.6.0_01-b06 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JRE 6.0 Update 14 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp Sun JDK 6.0 Update 5 Sun JDK and JRE 6 Update 15 http://java.sun.com/javase/downloads/index.jsp

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有0条受影响产品信息

您还没有登录，登录后可查看更多

添加资源
收藏资源
问题反馈

贡献用户

暂无贡献用户

VULHUB ™