Intrusion Prevention

Sun.Java.RunTime.Env.Integer.Overflow

Description

This indicates an attack attempt against multiple buffer-overflow vulnerabilities in the Sun Java Development Kit (JDK) and Java Runtime Environment (JRE).
The vulnerability is caused by an error when the vulnerable software handles large image dimensions. It allows a remote attacker to execute arbitrary code via a crafted malicious applet.

Affected Products

Sun Java JDK 1.5.x (for Windows, Solaris, and Linux)
Sun Java JRE 1.3.x (for Windows, Solaris, and Linux)
Sun Java JRE 1.4.x (for Windows, Solaris, and Linux)
Sun Java JRE 1.5.x / 5.x (for Windows, Solaris, and Linux)
Sun Java SDK 1.3.x (for Windows, Solaris, and Linux)
Sun Java SDK 1.4.x (for Windows, Solaris, and Linux)

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to the latest version, available from the web site:
http://www.java.com

CVE References

CVE-2006-6731