CVE-2009-3867

HIGH

Description

Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303.

ID	Name	Product	Family	Severity
89736	VMware ESX Java Runtime Environment (JRE) Multiple Vulnerabilities (VMSA-2010-0002) (remote check)	Nessus	VMware ESX Local Security Checks	critical
64831	Sun Java JRE Multiple Vulnerabilities (269868 / 269869 / 270476 ...) (Unix)	Nessus	Misc.	high
60691	Scientific Linux Security Update : java (jdk 1.6.0) on SL4.x, SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
49863	SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 6741)	Nessus	SuSE Local Security Checks	high
49861	SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 6755)	Nessus	SuSE Local Security Checks	high
45386	VMSA-2010-0002 : VMware vCenter update release addresses multiple security issues in Java JRE	Nessus	VMware ESX Local Security Checks	critical
44029	RHEL 4 / 5 : IBM Java Runtime in Satellite Server (RHSA-2010:0043)	Nessus	Red Hat Local Security Checks	critical
43872	SuSE 11 Security Update : IBM Java 1.6.0 (SAT Patch Number 1748)	Nessus	SuSE Local Security Checks	high
43859	SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 6757)	Nessus	SuSE Local Security Checks	high
43857	SuSE 11 Security Update : IBM Java 1.4.2 (SAT Patch Number 1744)	Nessus	SuSE Local Security Checks	high
43854	SuSE9 Security Update : IBM Java2 JRE and SDK (YOU Patch Number 12565)	Nessus	SuSE Local Security Checks	high
43822	SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 6740)	Nessus	SuSE Local Security Checks	high
43599	SuSE9 Security Update : IBM Java 1.5.0 (YOU Patch Number 12564)	Nessus	SuSE Local Security Checks	high
43597	RHEL 4 / 5 : java-1.6.0-ibm (RHSA-2009:1694)	Nessus	Red Hat Local Security Checks	critical
43079	RHEL 4 / 5 : java-1.5.0-ibm (RHSA-2009:1647)	Nessus	Red Hat Local Security Checks	critical
43048	RHEL 3 / 4 / 5 : java-1.4.2-ibm (RHSA-2009:1643)	Nessus	Red Hat Local Security Checks	critical
43003	Mac OS X : Java for Mac OS X 10.6 Update 1	Nessus	MacOS X Local Security Checks	high
43002	Mac OS X : Java for Mac OS X 10.5 Update 6	Nessus	MacOS X Local Security Checks	high
42857	SuSE 11 Security Update : Sun Java 1.6.0 (SAT Patch Number 1542)	Nessus	SuSE Local Security Checks	high
42855	openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-1541)	Nessus	SuSE Local Security Checks	high
42853	openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-1541)	Nessus	SuSE Local Security Checks	high
42851	openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-1541)	Nessus	SuSE Local Security Checks	high
42834	GLSA-200911-02 : Sun JDK/JRE: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
42460	openSUSE Security Update : java-1_5_0-sun (java-1_5_0-sun-1529)	Nessus	SuSE Local Security Checks	high
42457	openSUSE Security Update : java-1_5_0-sun (java-1_5_0-sun-1529)	Nessus	SuSE Local Security Checks	high
42455	RHEL 4 / 5 : java-1.5.0-sun (RHSA-2009:1571)	Nessus	Red Hat Local Security Checks	critical
42431	RHEL 4 / 5 : java-1.6.0-sun (RHSA-2009:1560)	Nessus	Red Hat Local Security Checks	critical
42373	Sun Java JRE Multiple Vulnerabilities (269868 / 269869 / 270476 ..)	Nessus	Windows	high

CVE-2009-3867

Description

References

Details

Risk Information

CVSS v2.0