Integer signedness error in the window drawing implementation in Apple Java for Mac OS X 10.5 before Update 7 and Java for Mac OS X 10.6 before Update 2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted applet.
References
Link | Resource |
---|---|
http://www.vupen.com/english/advisories/2010/1191 | Patch Vendor Advisory |
http://support.apple.com/kb/HT4170 | Patch Vendor Advisory |
http://secunia.com/advisories/39819 | Vendor Advisory |
http://lists.apple.com/archives/security-announce/2010//May/msg00002.html | Patch Vendor Advisory |
http://support.apple.com/kb/HT4171 | Patch Vendor Advisory |
http://lists.apple.com/archives/security-announce/2010//May/msg00001.html | Patch Vendor Advisory |
http://www.securityfocus.com/bid/40240 | Patch |
http://securitytracker.com/id?1024012 |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Information
Published : 2010-05-21 12:30
Updated : 2010-05-23 21:00
NVD link : CVE-2010-0539
Mitre link : CVE-2010-0539
JSON object : View
CWE
CWE-189
Numeric Errors
Products Affected
apple
- mac_os_x
- java_1.6
- java_1.5