Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2009-2674

Published: 5 August 2009

Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow.

Priority

Medium

Status

Package Release Status
openjdk-6
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy
Released (6b18-1.8.2-4ubuntu1~8.04.1)
upstream
Released (6b16)
intrepid
Released (6b12-0ubuntu6.5)
jaunty
Released (6b14-1.4.1-0ubuntu11)
karmic Not vulnerable
(6b16-1.6.1-0ubuntu1)
lucid Not vulnerable
(6b16-1.6.1-0ubuntu1)
maverick Not vulnerable
(6b16-1.6.1-0ubuntu1)
sun-java5
Launchpad, Ubuntu, Debian
dapper Ignored
(end of life)
hardy Not vulnerable

intrepid Ignored
(end of life, was needs-triage)
jaunty Not vulnerable

karmic Does not exist

lucid Does not exist

maverick Does not exist

upstream Not vulnerable

sun-java6
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy
Released (6.20dlj-0ubuntu1.8.04)
intrepid Ignored
(end of life, was needs-triage)
jaunty
Released (6.20dlj-0ubuntu1.9.04)
karmic
Released (6-15-1)
lucid
Released (6-15-1)
maverick Not vulnerable

upstream
Released (6.15)
java
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Does not exist

intrepid Does not exist

jaunty Does not exist

karmic Does not exist

lucid Does not exist

maverick Does not exist

upstream Needs triage