ID CVE-2009-0794
Summary Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLine.java in Pulse-Java, as used in OpenJDK 1.6.0.0 and other products, allows remote attackers to cause a denial of service (applet crash) via a crafted Pulse Audio source data line.
References
Vulnerable Configurations
  • cpe:2.3:a:sun:openjdk:1.6.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:sun:openjdk:1.6.0.0:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 17-08-2017 - 01:30)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
confirm https://bugzilla.redhat.com/show_bug.cgi?id=492367
fedora
  • FEDORA-2009-3425
  • FEDORA-2009-3426
mandriva
  • MDVSA-2009:137
  • MDVSA-2009:162
mlist [distro-pkg-dev] 20090211 changeset in /hg/icedtea6: 2009-02-11 Omair Majid
secunia 34623
vupen ADV-2009-0965
xf pulsejava--pulseaudiotargetdatal-dos(50383)
Last major update 17-08-2017 - 01:30
Published 13-04-2009 - 16:30
Last modified 17-08-2017 - 01:30
Back to Top