Juniper Networks

Signature Detail


Short Name: HTTP:STC:IMG:JDK-ICC
Severity: High
Recommended: No
Recommended Action: Drop
Category: HTTP
Keywords: Sun JDK Image Parsing Library ICC Buffer Overflow
Release Date: 2010/10/11
Update Number: 1789
Supported Platforms: idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Sun JDK Image Parsing Library ICC Buffer Overflow


This signature detects attempts to exploit a known vulnerability in the Sun JDK Image Parsing Library ICC. A successful attack can lead to an integer overflow and arbitrary remote code execution within the context of the server.

Extended Description

Sun JDK is prone to multiple vulnerabilities. An attacker can exploit these issues to crash the affected application, effectively denying service. The attacker may also be able to execute arbitrary code, which may facilitate a compromise of the underlying system. Sun JDK 1.5.0_07-b03 is vulnerable to these issues; other versions may also be affected.

Affected Products

  • Apple Mac OS X 10.4.10
  • Apple Mac OS X 10.4.11
  • Apple Mac OS X Server 10.4.10
  • Apple Mac OS X Server 10.4.11
  • Avaya Interactive Response 1.3.0
  • Avaya Interactive Response 2.0
  • BEA Systems JRockit 1.4.2
  • BEA Systems JRockit 5.0
  • BEA Systems JRockit 6
  • BEA Systems JRockit 7.0
  • BEA Systems JRockit R27.3.1
  • Gentoo dev-java/ibm-jdk-bin 1.4.2.10
  • Gentoo dev-java/ibm-jdk-bin 1.5.0.6
  • Gentoo dev-java/ibm-jre-bin 1.4.2.10
  • Gentoo dev-java/ibm-jre-bin 1.5.0.6
  • Gentoo Linux
  • Red Hat Enterprise Linux AS 2.1
  • Red Hat Enterprise Linux Desktop Supplementary 5 Client
  • Red Hat Enterprise Linux Desktop Workstation 5 Client
  • Red Hat Enterprise Linux ES 2.1
  • Red Hat Enterprise Linux Extras 3
  • Red Hat Enterprise Linux Extras 4
  • Red Hat Enterprise Linux Supplementary 5 Server
  • Red Hat Enterprise Linux WS 2.1
  • Red Hat Network Satellite (for RHEL 3) 4.2
  • Red Hat Network Satellite (for RHEL 4) 4.2
  • Red Hat Red Hat Network Satellite Server 5.0.0
  • Slackware Linux 10.0.0
  • Slackware Linux 10.1.0
  • Slackware Linux 10.2.0
  • Slackware Linux 11.0
  • Slackware Linux 12.0
  • Slackware Linux 8.1.0
  • Slackware Linux 9.0.0
  • Slackware Linux 9.1.0
  • Sun JDK (Linux Production Release) 1.4.1
  • Sun JDK (Linux Production Release) 1.4.1 01
  • Sun JDK (Linux Production Release) 1.4.1 07
  • Sun JDK (Linux Production Release) 1.4.2
  • Sun JDK (Linux Production Release) 1.4.2 06
  • Sun JDK (Linux Production Release) 1.4.2 08
  • Sun JDK (Linux Production Release) 1.4.2 09
  • Sun JDK (Linux Production Release) 1.4.2 10
  • Sun JDK (Linux Production Release) 1.4.2 11
  • Sun JDK (Linux Production Release) 1.5.0
  • Sun JDK (Linux Production Release) 1.5.0 .0 05
  • Sun JDK (Linux Production Release) 1.5.0 07-B03
  • Sun JRE (Linux Production Release) 1.3.0 .0
  • Sun JRE (Linux Production Release) 1.3.0 .0 02
  • Sun JRE (Linux Production Release) 1.3.0 .0 05
  • Sun JRE (Linux Production Release) 1.3.1 01
  • Sun JRE (Linux Production Release) 1.3.1 01A
  • Sun JRE (Linux Production Release) 1.3.1 04
  • Sun JRE (Linux Production Release) 1.3.1 08
  • Sun JRE (Linux Production Release) 1.3.1 15
  • Sun JRE (Linux Production Release) 1.3.1 16
  • Sun JRE (Linux Production Release) 1.3.1 17
  • Sun JRE (Linux Production Release) 1.3.1 18
  • Sun JRE (Linux Production Release) 1.3.1 19
  • Sun JRE (Linux Production Release) 1.4.1
  • Sun JRE (Linux Production Release) 1.4.2
  • Sun JRE (Linux Production Release) 1.4.2 01
  • Sun JRE (Linux Production Release) 1.4.2 02
  • Sun JRE (Linux Production Release) 1.4.2 03
  • Sun JRE (Linux Production Release) 1.4.2 04
  • Sun JRE (Linux Production Release) 1.4.2 05
  • Sun JRE (Linux Production Release) 1.4.2 06
  • Sun JRE (Linux Production Release) 1.4.2 07
  • Sun JRE (Linux Production Release) 1.4.2 08
  • Sun JRE (Linux Production Release) 1.4.2 09
  • Sun JRE (Linux Production Release) 1.4.2 10-B03
  • Sun JRE (Linux Production Release) 1.4.2 11
  • Sun JRE (Linux Production Release) 1.4.2 12
  • Sun JRE (Linux Production Release) 1.4.2 13
  • Sun JRE (Linux Production Release) 1.5.0
  • Sun JRE (Linux Production Release) 1.5.0 01
  • Sun JRE (Linux Production Release) 1.5.0 02
  • Sun JRE (Linux Production Release) 1.5.0 03
  • Sun JRE (Linux Production Release) 1.5.0 04
  • Sun JRE (Linux Production Release) 1.5.0 05
  • Sun JRE (Linux Production Release) 1.5.0 06
  • Sun JRE (Linux Production Release) 1.5.0 07
  • Sun JRE (Linux Production Release) 1.5.0 08
  • Sun JRE (Linux Production Release) 1.5.0 09
  • Sun JRE (Linux Production Release) 1.5.0 10
  • Sun JRE (Solaris Production Release) 1.3.0 01
  • Sun JRE (Solaris Production Release) 1.3.0 03
  • Sun JRE (Solaris Production Release) 1.3.0 04
  • Sun JRE (Solaris Production Release) 1.3.1
  • SuSE Linux 10.0 Ppc
  • SuSE Linux 10.0 X86
  • SuSE Linux 10.0 X86-64
  • SuSE Linux 10.1 Ppc
  • SuSE Linux 10.1 X86
  • SuSE Linux 10.1 X86-64
  • SuSE Linux Desktop 1.0.0
  • SuSE Novell Linux Desktop 9.0.0
  • SuSE Novell Linux POS 9
  • SuSE Open-Enterprise-Server
  • SuSE openSUSE 10.2
  • SuSE SUSE Linux Enterprise Desktop 10 SP1
  • SuSE SUSE Linux Enterprise SDK 10.SP1
  • SuSE SUSE Linux Enterprise Server 10 SP1
  • SuSE SUSE Linux Enterprise Server 8
  • SuSE SUSE Linux Enterprise Server 9
  • SuSE SuSE Linux Openexchange Server 4.0.0
  • SuSE SUSE LINUX Retail Solution 8.0.0
  • SuSE SuSE Linux School Server for i386
  • SuSE SuSE Linux Standard Server 8.0.0
  • SuSE UnitedLinux 1.0.0
  • VMWare ESX Server 3.0.1
  • VMWare ESX Server 3.0.2
  • VMWare VirtualCenter Management Server 2

References

  • BugTraq: 24004
  • CVE: CVE-2007-2788

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.