Security Advisory

CVE-2009-1099

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-03-25 23:00:00

Last updated 2024-08-07 04:57:17

Assigner mitre

State PUBLISHED

Description

Integer signedness error in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via crafted glyph descriptions in a Type1 font, which bypasses a signed comparison and triggers a buffer overflow.

← Browse all CVEs View on cve.org ↗