Vulnerabilità: CVE-2007-2789

L’immagine BMP parser in Sun Java Development Kit (JDK) prima 1.5.0_11-b03 e 1.6.x prima 1.6.0_01-b06, e Sun Java Runtime Environment in JDK e JRE 6, JDK e JRE 5.0 Update 10 e precedenti, SDK e JRE 1.4.2_14 e precedenti, e SDK e JRE 1.3.1_19 e precedenti, quando in esecuzione su sistemi Unix / Linux, consente agli aggressori remoti di causare un denial of service (JVM blocchi) tramite applet o applicazioni non attendibili che aprire i file locali arbitrari via un artigianale file BMP, come ad esempio / dev / tty.


http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html
http://dev2dev.bea.com/pub/advisory/248
http://www.securityfocus.com/bid/24004
http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html
http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html
http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml
http://security.gentoo.org/glsa/glsa-200706-08.xml
http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml
http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml
http://security.gentoo.org/glsa/glsa-200804-28.xml
http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml
http://docs.info.apple.com/article.html?artnum=307177
http://scary.beasts.org/security/CESA-2006-004.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10800
http://www.redhat.com/support/errata/RHSA-2007-0817.html
http://www.redhat.com/support/errata/RHSA-2007-0829.html
http://www.redhat.com/support/errata/RHSA-2007-0956.html
http://www.redhat.com/support/errata/RHSA-2007-1086.html
http://www.redhat.com/support/errata/RHSA-2008-0100.html
http://www.redhat.com/support/errata/RHSA-2008-0133.html
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://www.securitytracker.com/id?1018182
http://secunia.com/advisories/25295
http://secunia.com/advisories/25474
http://secunia.com/advisories/25832
http://secunia.com/advisories/26049
http://secunia.com/advisories/26119
http://secunia.com/advisories/26311
http://secunia.com/advisories/26369
http://secunia.com/advisories/26631
http://secunia.com/advisories/26645
http://secunia.com/advisories/26933
http://secunia.com/advisories/27203
http://secunia.com/advisories/27266
http://secunia.com/advisories/28056
http://secunia.com/advisories/28115
http://secunia.com/advisories/29340
http://secunia.com/advisories/29858
http://secunia.com/advisories/30780
http://secunia.com/advisories/30805
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102934-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200856-1
http://www.novell.com/linux/security/advisories/2007_45_java.html
http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html
http://www.attrition.org/pipermail/vim/2007-July/001696.html
http://www.attrition.org/pipermail/vim/2007-July/001697.html
http://www.attrition.org/pipermail/vim/2007-July/001708.html
http://www.attrition.org/pipermail/vim/2007-December/001862.html
http://www.vupen.com/english/advisories/2007/1836
http://www.vupen.com/english/advisories/2007/3009
http://www.vupen.com/english/advisories/2007/4224
https://exchange.xforce.ibmcloud.com/vulnerabilities/34654
https://exchange.xforce.ibmcloud.com/vulnerabilities/34320
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2789


E' possibile lasciare un commento come utenti registrati al sito, accedendo tramite social, account wordpress oppure come utenti anonimi. Nel caso in cui si desideri lasciare un commento come utenti anonimi si verrà avvisati via email di un'eventuale risposta solo se si inserisce l'indirizzo email (facoltativo). L'inserimento di qualsiasi dato nei campi dei commenti è totalmente facoltativo. Chiunque decida di inserire un qualsiasi dato accetta il trattamento di questi ultimi per i fini inerenti al servizio ovvero la risposta al commento e le comunicazioni strettamente necessarie.


Rispondi