Integer overflow in the JAR unpacking utility (unpack200) in the unpack library (unpack.dll) in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and previous versions, and JDK and JRE 5.0 Update 16 and previous versions, allows untrusted applications and applets to gain privileges via a Pack200 compressed JAR file that triggers a heap-based buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sun jre 6 |
||
sun jdk 6 |
||
sun jdk 5.0 |
||
sun jre 5.0 |
||
sun jre |
||
sun jdk |