Published: 2007-01-24T06:47+00:00
Last Updated: 2007-01-25T21:55+00:00
TRTA07-022A
Sun Updates for Multiple Vulnerabilities in Java
Overview
The Sun Java Runtime Environment contains multiple vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
Event Information
| Date (UTC) | Description |
| 2007-01-22 19:34 |
US-CERT TA07-022A: Sun Updates for Multiple Vulnerabilities in Java Via US-CERT Mailing List The Sun Java Runtime Environment contains multiple vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. |
| 2007-01-21 |
Bugtraq Sun Java RunTime Environment GIF Images Buffer Overflow Vulnerability Java GIF File Parsing Memory Corruption Vulnerability Proof Of Concept (CVE-2007-0243) #Cid: JvmGifVulPoc.java #Tested: Sun JRE 1.5 |
| 2007-01-10 |
US-CERT Exploit Code Available for Multiple Vulnerabilities in Sun Java Runtime Environment US-CERT is aware of publicly available exploit code for multiple vulnerabilities in Sun Java Runtime Environment (JRE). |
| 2006-12-19 22:03 |
CESA-2005-008: Sun JDK sandbox escape via native code vulnerabilities There are enough methods backed by native code that it is likely to take some time before they are all audited. Until this is done, untrusted applets and applications may not be run with any confidence. |
| 2006-12-19 07:00 |
Sun Microsystems 102729: Security Vulnerabilities in the Java Runtime Environment may Allow Untrusted Applets to Elevate Privileges and Execute Arbitrary Code Two buffer overflow vulnerabilities in the Java Runtime Environment may independently allow an untrusted applet to elevate its privileges. |
| 2006-12-19 07:00 |
Sun Microsystems 102731: Security Vulnerabilities Related to Serialization in the Java Runtime Environment may Allow Untrusted Applets to Elevate Privileges Two vulnerabilities related to serialization in the Java Runtime Environment may independently allow an untrusted applet or application to elevate its privileges. |
| 2006-06-16 |
Zero Day Initiative (ZDI) ZDI-07-005: Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability Vulnerability Reported |