Intrusion PreventionSun.Java.Runtime.Environment.Image.Parsing.Heap.Buffer.Overflow
Description
This indicates an attack attempt against a heap buffer overflow vulnerability in
Sun Java Runtime Environment.
The vulnerability is caused by an error when the vulnerable software handles
a malicious JPEG file. It allows a remote attacker to execute arbitrary code.
Affected Products
JDK and JRE 6 prior to Update 5
JDK and JRE 5.0 prior to Update 15
SDK and JRE prior to 1.4.2_17
SDK and JRE prior to 1.3.1_22
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade to the following version:
* JDK and JRE 6 Update 5 or later
* JDK and JRE 5.0 Update 15 or later
* Java SE 6: update 5 (as delivered in patch 125136-07 or later)
* Java SE 6: update 5 (as delivered in patch 125137-07 or later (64bit))
* Java SE 6_x86: update 5 (as delivered in patch 125138-07 or later)
* Java SE 6_x86: update 5 (as delivered in patch 125139-07 or later (64bit))
* J2SE 5.0: update 15 (as delivered in patch 118666-16 or later)
* J2SE 5.0: update 15 (as delivered in patch 118667-16 or later (64bit))
* J2SE 5.0_x86: update 15 (as delivered in patch 118668-16 or later)
* J2SE 5.0_x86: update 15 (as delivered in patch 118669-16 or later (64bit))
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2021-01-11 | 16.995 |
References
http://securitytracker.com/id/1019551| ID | 26663 |
| Created | May 12, 2011 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2008-1193 |
| Exploit Prediction Score | 7.54% |
| Default Action | drop |
| Active | |
| Affected OS | Other |
| Affected App | SUN |