Intrusion Prevention

Oracle.Java.RE.TTF.Font.Glyphlterator.Heap.Memory.Corruption

Description

This indicates an attack attempt to exploit a Memory Corruption Vulnerability in Oracle Java Runtime Environment.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted TTF file. Successful exploitation could result in denial of service conditions on a targeted system.

Affected Products

Java SE version 7u211
Java SE version 8u202

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

CVE References

CVE-2019-2698

Other References

46723