Intrusion Prevention

Oracle.Java.Soundbank.Resource.Name.Buffer.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in Oracle Java.
The vulnerability is caused by an error when the vulnerable software handles a malicious soundbank file. It allows a remote attacker to execute arbitrary code via sending a crafted .jar file.

Affected Products

Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to a latest version. Please refer to the vendor's web site:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html

CVE References

CVE-2010-0839