Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:JAVA:IMG-SETPIXELS-OF

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Oracle Java ImageRepresentation.setPixels Integer Overflow

Release Date

 2013/08/22

Update Number

 2292

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Oracle Java ImageRepresentation.setPixels Integer Overflow


This signature detects attempts to exploit a known vulnerability against Oracle Java. The vulnerability is due to improper validation of image and raster dimensions in the sun.awt.image.ImageRepresentation.setPixels method. A remote attacker can exploit this vulnerability by enticing the target user to visit a specially crafted web page. Successful exploitation of this vulnerability can allow execution of arbitrary code on a target system.

Extended Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient "validation of images" in share/native/sun/awt/image/awt_ImageRep.c, possibly involving offsets.

Affected Products

  • oracle jdk up to 1.5.0 (update_36)
  • oracle jdk up to 1.5.0 (update_38)
  • oracle jdk up to 1.5.0 (update_40)
  • oracle jdk up to 1.5.0 (update_41)
  • oracle jdk up to 1.6.0 (update_22)
  • oracle jdk up to 1.6.0 (update_23)
  • oracle jdk up to 1.6.0 (update_24)
  • oracle jdk up to 1.6.0 (update_25)
  • oracle jdk up to 1.6.0 (update_26)
  • oracle jdk up to 1.6.0 (update_27)
  • oracle jdk up to 1.6.0 (update_29)
  • oracle jdk up to 1.6.0 (update_30)
  • oracle jdk up to 1.6.0 (update_31)
  • oracle jdk up to 1.6.0 (update_32)
  • oracle jdk up to 1.6.0 (update_33)
  • oracle jdk up to 1.6.0 (update_34)
  • oracle jdk up to 1.6.0 (update_35)
  • oracle jdk up to 1.6.0 (update_37)
  • oracle jdk up to 1.6.0 (update_38)
  • oracle jdk up to 1.6.0 (update_39)
  • oracle jdk up to 1.6.0 (update_41)
  • oracle jdk up to 1.6.0 (update_43)
  • oracle jdk up to 1.7.0 (update1)
  • oracle jdk up to 1.7.0 (update10)
  • oracle jdk up to 1.7.0 (update11)
  • oracle jdk up to 1.7.0 (update13)
  • oracle jdk up to 1.7.0 (update15)
  • oracle jdk up to 1.7.0 (update17)
  • oracle jdk up to 1.7.0 (update2)
  • oracle jdk up to 1.7.0 (update3)
  • oracle jdk up to 1.7.0 (update4)
  • oracle jdk up to 1.7.0 (update5)
  • oracle jdk up to 1.7.0 (update6)
  • oracle jdk up to 1.7.0 (update7)
  • oracle jdk up to 1.7.0 (update9)
  • oracle jre up to 1.5.0 (update_36)
  • oracle jre up to 1.5.0 (update_38)
  • oracle jre up to 1.5.0 (update_40)
  • oracle jre up to 1.5.0 (update_41)
  • oracle jre up to 1.6.0 (update_22)
  • oracle jre up to 1.6.0 (update_23)
  • oracle jre up to 1.6.0 (update_24)
  • oracle jre up to 1.6.0 (update_25)
  • oracle jre up to 1.6.0 (update_26)
  • oracle jre up to 1.6.0 (update_27)
  • oracle jre up to 1.6.0 (update_29)
  • oracle jre up to 1.6.0 (update_30)
  • oracle jre up to 1.6.0 (update_31)
  • oracle jre up to 1.6.0 (update_32)
  • oracle jre up to 1.6.0 (update_33)
  • oracle jre up to 1.6.0 (update_34)
  • oracle jre up to 1.6.0 (update_35)
  • oracle jre up to 1.6.0 (update_37)
  • oracle jre up to 1.6.0 (update_38)
  • oracle jre up to 1.6.0 (update_39)
  • oracle jre up to 1.6.0 (update_41)
  • oracle jre up to 1.6.0 (update_43)
  • oracle jre up to 1.7.0 (update1)
  • oracle jre up to 1.7.0 (update10)
  • oracle jre up to 1.7.0 (update11)
  • oracle jre up to 1.7.0 (update13)
  • oracle jre up to 1.7.0 (update15)
  • oracle jre up to 1.7.0 (update17)
  • oracle jre up to 1.7.0 (update2)
  • oracle jre up to 1.7.0 (update3)
  • oracle jre up to 1.7.0 (update4)
  • oracle jre up to 1.7.0 (update5)
  • oracle jre up to 1.7.0 (update6)
  • oracle jre up to 1.7.0 (update7)
  • oracle jre up to 1.7.0 (update9)
  • sun jdk 1.5.0 (update1)
  • sun jdk 1.5.0 (update10)
  • sun jdk 1.5.0 (update11)
  • sun jdk 1.5.0 (update11_b03)
  • sun jdk 1.5.0 (update12)
  • sun jdk 1.5.0 (update13)
  • sun jdk 1.5.0 (update14)
  • sun jdk 1.5.0 (update15)
  • sun jdk 1.5.0 (update16)
  • sun jdk 1.5.0 (update17)
  • sun jdk 1.5.0 (update18)
  • sun jdk 1.5.0 (update19)
  • sun jdk 1.5.0 (update2)
  • sun jdk 1.5.0 (update20)
  • sun jdk 1.5.0 (update21)
  • sun jdk 1.5.0 (update22)
  • sun jdk 1.5.0 (update23)
  • sun jdk 1.5.0 (update24)
  • sun jdk 1.5.0 (update25)
  • sun jdk 1.5.0 (update26)
  • sun jdk 1.5.0 (update27)
  • sun jdk 1.5.0 (update28)
  • sun jdk 1.5.0 (update29)
  • sun jdk 1.5.0 (update3)
  • sun jdk 1.5.0 (update31)
  • sun jdk 1.5.0 (update33)
  • sun jdk 1.5.0 (update4)
  • sun jdk 1.5.0 (update5)
  • sun jdk 1.5.0 (update6)
  • sun jdk 1.5.0 (update7)
  • sun jdk 1.5.0 (update7_b03)
  • sun jdk 1.5.0 (update8)
  • sun jdk 1.5.0 (update9)
  • sun jdk 1.6.0 (update1)
  • sun jdk 1.6.0 (update_10)
  • sun jdk 1.6.0 (update_11)
  • sun jdk 1.6.0 (update_12)
  • sun jdk 1.6.0 (update_13)
  • sun jdk 1.6.0 (update_14)
  • sun jdk 1.6.0 (update_15)
  • sun jdk 1.6.0 (update_16)
  • sun jdk 1.6.0 (update_17)
  • sun jdk 1.6.0 (update_18)
  • sun jdk 1.6.0 (update_19)
  • sun jdk 1.6.0 (update1_b06)
  • sun jdk 1.6.0 (update2)
  • sun jdk 1.6.0 (update_20)
  • sun jdk 1.6.0 (update_21)
  • sun jdk 1.6.0 (update_3)
  • sun jdk 1.6.0 (update_4)
  • sun jdk 1.6.0 (update_5)
  • sun jdk 1.6.0 (update_6)
  • sun jdk 1.6.0 (update_7)
  • sun jre 1.5.0 (update1)
  • sun jre 1.5.0 (update10)
  • sun jre 1.5.0 (update11)
  • sun jre 1.5.0 (update12)
  • sun jre 1.5.0 (update13)
  • sun jre 1.5.0 (update14)
  • sun jre 1.5.0 (update15)
  • sun jre 1.5.0 (update16)
  • sun jre 1.5.0 (update17)
  • sun jre 1.5.0 (update18)
  • sun jre 1.5.0 (update19)
  • sun jre 1.5.0 (update2)
  • sun jre 1.5.0 (update20)
  • sun jre 1.5.0 (update21)
  • sun jre 1.5.0 (update22)
  • sun jre 1.5.0 (update23)
  • sun jre 1.5.0 (update24)
  • sun jre 1.5.0 (update25)
  • sun jre 1.5.0 (update26)
  • sun jre 1.5.0 (update27)
  • sun jre 1.5.0 (update28)
  • sun jre 1.5.0 (update29)
  • sun jre 1.5.0 (update3)
  • sun jre 1.5.0 (update31)
  • sun jre 1.5.0 (update33)
  • sun jre 1.5.0 (update4)
  • sun jre 1.5.0 (update5)
  • sun jre 1.5.0 (update6)
  • sun jre 1.5.0 (update7)
  • sun jre 1.5.0 (update8)
  • sun jre 1.5.0 (update9)
  • sun jre 1.6.0 (update_1)
  • sun jre 1.6.0 (update_10)
  • sun jre 1.6.0 (update_11)
  • sun jre 1.6.0 (update_12)
  • sun jre 1.6.0 (update_13)
  • sun jre 1.6.0 (update_14)
  • sun jre 1.6.0 (update_15)
  • sun jre 1.6.0 (update_16)
  • sun jre 1.6.0 (update_17)
  • sun jre 1.6.0 (update_18)
  • sun jre 1.6.0 (update_19)
  • sun jre 1.6.0 (update_2)
  • sun jre 1.6.0 (update_20)
  • sun jre 1.6.0 (update_21)
  • sun jre 1.6.0 (update_3)
  • sun jre 1.6.0 (update_4)
  • sun jre 1.6.0 (update_5)
  • sun jre 1.6.0 (update_6)
  • sun jre 1.6.0 (update_7)
  • sun jre 1.6.0 (update_9)

References

  • CVE: CVE-2013-2420

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out