Integer overflow in the JAR unpacking utility (unpack200) in the unpack
library (unpack.dll) in Java Runtime Environment (JRE) for Sun JDK and JRE
6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows
untrusted applications and applets to gain privileges via a Pack200
compressed JAR file that triggers a heap-based buffer overflow.
Updated: 2012-06-01 15:19:20 UTC (commit 5347)