The Aqua Look and Feel for Java implementation in Java 1.5 on Mac OS X 10.5 allows remote attackers to execute arbitrary code via a call to the undocumented apple.laf.CColourUIResource constructor with a crafted value in the first argument, which is dereferenced as a pointer.
References
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2009-06-16 16:30
Updated : 2018-10-10 12:38
NVD link : CVE-2009-1719
Mitre link : CVE-2009-1719
JSON object : View
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')
Products Affected
apple
- mac_os_x
- mac_os_x_server
sun
- jre