Skip to main content

Critical Flaws Found in Java Development Kit

Posted by malcolmdavis on May 22, 2007 at 12:15 PM PDT

Users running Java Development Kit are encouraged to upgrade systems to protect from two remotely exploitable flaws.

One flaw is an integer overflow error in the image parser occurs when processing ICC profiles embedded in JPEG images. The flaw could be exploited to crash the JVM and possibly allow arbitrary code execution.

The second flaw is due to an error in the BMP image parser when parsing malformed files on Unix/Linux systems and could be exploited to cause denial-of-service conditions.


http://www.eweek.com/print_article2/0,1217,a=207757,00.asp