Published: 17/05/2006 Updated: 18/10/2018

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

VMScore: 645

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P

Sun Java Runtime Environment (JRE) 1.5.0_6 and previous versions, JDK 1.5.0_6 and previous versions, and SDK 1.5.0_6 and previous versions allows remote malicious users to cause a denial of service (disk consumption) by using the Font.createFont function to create temporary files of arbitrary size in the %temp% directory.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sun jre 1.5.0
sun sdk 1.5.0_6
sun jdk 1.5.0

It was discovered that font creation could leak temporary files If a user were tricked into loading a malicious program or applet, a remote attacker could consume disk space, leading to a denial of service (CVE-2006-2426, CVE-2009-1100) ...

Synopsis Important: java-160-openjdk security update Type/Severity Security Advisory: Important Topic Updated java-160-openjdk packages that fix several security issues arenow available for Red Hat Enterprise Linux 5This update has been rated as having important security impact by the RedHat Security R ...

Synopsis Critical: java-160-sun security update Type/Severity Security Advisory: Critical Topic Updated java-160-sun packages that correct several security issues arenow available for Red Hat Enterprise Linux 4 Extras and 5 SupplementaryThis update has been rated as having critical security impact by t ...

Synopsis Critical: java-150-sun security update Type/Severity Security Advisory: Critical Topic Updated java-150-sun packages that correct several security issues arenow available for Red Hat Enterprise Linux 4 Extras and 5 SupplementaryThis update has been rated as having critical security impact by t ...

source: wwwsecurityfocuscom/bid/17981/info Sun Java is prone to a remote denial-of-service vulnerability because the application fails to properly handle certain Java applets Successfully exploiting this issue will cause the application to create a temporary file that will grow in an unbounded fashion, consuming all available disk space ...

NVD-CWE-Other http://www.illegalaccess.org/exploit/FullDiskApplet.html http://secunia.com/advisories/20132 http://www.novell.com/linux/security/advisories/2006-06-02.html http://www.securityfocus.com/bid/17981 http://secunia.com/advisories/20457 http://www.osvdb.org/25561 http://securityreason.com/securityalert/909 http://www.redhat.com/support/errata/RHSA-2009-0392.html http://secunia.com/advisories/34489 http://www.redhat.com/support/errata/RHSA-2009-0394.html http://www.ubuntu.com/usn/usn-748-1 https://rhn.redhat.com/errata/RHSA-2009-0377.html http://secunia.com/advisories/34495 http://secunia.com/advisories/34496 http://secunia.com/advisories/34675 http://www.debian.org/security/2009/dsa-1769 http://secunia.com/advisories/34632 http://www.mandriva.com/security/advisories?name=MDVSA-2009:137 http://www.mandriva.com/security/advisories?name=MDVSA-2009:162 http://www.vupen.com/english/advisories/2006/1824 http://support.avaya.com/elmodocs2/security/ASA-2009-109.htm http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm https://exchange.xforce.ibmcloud.com/vulnerabilities/26493 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10609 http://www.securityfocus.com/archive/1/434001/100/0/threaded https://usn.ubuntu.com/748-1/https://nvd.nist.gov https://www.exploit-db.com/exploits/27882/

CVE-2006-2426

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect