Intrusion Prevention

Sun.JRE1.isInstalled.dnsResolve.Function.Overflow

Description

This indicates an attack attempt to exploit a buffer-overflow vulnerability in the Sun Java Runtime Environment's isInstalled.dnsResolve() function.
The vulnerability is caused by an error when the vulnerable function handles overly long strings. It could allow a remote attacker to execute arbitrary code.

Affected Products

Sun JRE 1.6.0_10
Sun JRE 1.6.0_0
Sun Java Web Start 0

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently, we are not aware of any vendor supplied patch for this issue

CVE References

CVE-2007-5019