Launchpad.net

CVE 2009-2674

Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow.

Related bugs and status

CVE-2009-2674 (Candidate) is related to these bugs:

Bug #85969: Java Docs Package Won't Install

		In	Importance	Status
85969	Java Docs Package Won't Install	sun-java6 (Ubuntu)	Medium	Fix Released
85969	Java Docs Package Won't Install	sun-java5 (Ubuntu)	Medium	Invalid
85969	Java Docs Package Won't Install	j2se1.4-i586 (Ubuntu)	Wishlist	Invalid

Bug #409559: version 1.6.0_15 is available

		In	Importance	Status
409559	version 1.6.0_15 is available	sun-java6 (Ubuntu)	Undecided	Fix Released
409559	version 1.6.0_15 is available	The Dell Mini Project	Undecided	Invalid
409559	version 1.6.0_15 is available	Jaunty Jackalope Backports	Undecided	Invalid
409559	version 1.6.0_15 is available	Intrepid Ibex Backports	Undecided	Invalid
409559	version 1.6.0_15 is available	Hardy Backports	Undecided	Invalid
409559	version 1.6.0_15 is available	sun-java6 (Ubuntu Hardy)	Undecided	Fix Released
409559	version 1.6.0_15 is available	sun-java6 (Ubuntu Karmic)	Undecided	Fix Released
409559	version 1.6.0_15 is available	sun-java6 (Ubuntu Intrepid)	Undecided	Invalid
409559	version 1.6.0_15 is available	sun-java6 (Ubuntu Jaunty)	Undecided	Fix Released

Bug #420426: sun-java6 6b16 update for karmic, hardy and jaunty

		In	Importance	Status
420426	sun-java6 6b16 update for karmic, hardy and jaunty	sun-java6 (Ubuntu)	Undecided	Fix Released
420426	sun-java6 6b16 update for karmic, hardy and jaunty	sun-java6 (Ubuntu Hardy)	Undecided	Fix Released
420426	sun-java6 6b16 update for karmic, hardy and jaunty	sun-java6 (Ubuntu Jaunty)	Undecided	Fix Released
420426	sun-java6 6b16 update for karmic, hardy and jaunty	sun-java6 (Ubuntu Karmic)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2009-2674

Related bugs and status

Related bugs

References