CVE-2009-1096
Publication date 25 March 2009
Last updated 24 July 2024
Ubuntu priority
Buffer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers.
Status
Package | Ubuntu Release | Status |
---|---|---|
openjdk-6 | 10.10 maverick |
Not affected
|
10.04 LTS lucid |
Not affected
|
|
9.10 karmic |
Not affected
|
|
9.04 jaunty |
Not affected
|
|
8.10 intrepid |
Fixed 6b12-0ubuntu6.4
|
|
8.04 LTS hardy |
Fixed 6b18-1.8.2-4ubuntu1~8.04.1
|
|
7.10 gutsy | Not in release | |
6.06 LTS dapper | Not in release | |
sun-java5 | 10.10 maverick | Not in release |
10.04 LTS lucid | Not in release | |
9.10 karmic | Not in release | |
9.04 jaunty |
Not affected
|
|
8.10 intrepid | Ignored end of life, was needs-triage | |
8.04 LTS hardy |
Not affected
|
|
7.10 gutsy | Ignored end of life, was needs-triage | |
6.06 LTS dapper | Ignored end of life | |
sun-java6 | 10.10 maverick |
Not affected
|
10.04 LTS lucid |
Fixed 6.20dlj-1ubuntu3
|
|
9.10 karmic |
Fixed 6.20dlj-0ubuntu1.9.10
|
|
9.04 jaunty |
Fixed 6.20dlj-0ubuntu1.9.04
|
|
8.10 intrepid | Ignored end of life, was needs-triage | |
8.04 LTS hardy |
Fixed 6.20dlj-0ubuntu1.8.04
|
|
7.10 gutsy | Ignored end of life, was needs-triage | |
6.06 LTS dapper | Not in release |