CVE-2009-3874

Priority
Medium
Description
Integer overflow in the JPEGImageReader implementation in the ImageI/O
component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6
before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote
attackers to execute arbitrary code via large subsample dimensions in a
JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643.
References
Package
Upstream:released (6b17)
Package
Upstream:released (1.5.0-22)
Package
Upstream:released (6.17)
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:37:01 UTC (commit 9756)