CVE-2009-0794
Published: 13 April 2009
Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLine.java in Pulse-Java, as used in OpenJDK 1.6.0.0 and other products, allows remote attackers to cause a denial of service (applet crash) via a crafted Pulse Audio source data line.
Priority
Status
Package | Release | Status |
---|---|---|
openjdk-6 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
gutsy |
Does not exist
|
|
hardy |
Not vulnerable
(code not present)
|
|
intrepid |
Not vulnerable
(already fixed)
|
|
jaunty |
Not vulnerable
(already fixed)
|
|
upstream |
Released
(6b15)
|
|
Patches: upstream: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2009-February/004729.html |