CVE-2009-1099

NONECVSS 0.0

0.0

Integer signedness error in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via crafted glyph descriptions in a Type1 font, which bypasses a signed comparison and triggers a buffer overflow.

🔗 References (68)

cve@mitrehttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133
cve@mitrehttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=777
cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html
cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2009-05/msg00003.html
cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html
cve@mitrehttp://marc.info/?l=bugtraq&m=124344236532162&w=2
cve@mitrehttp://secunia.com/advisories/34495
cve@mitrehttp://secunia.com/advisories/34496
cve@mitrehttp://secunia.com/advisories/35156
cve@mitrehttp://secunia.com/advisories/35223
cve@mitrehttp://secunia.com/advisories/35255
cve@mitrehttp://secunia.com/advisories/35416
cve@mitrehttp://secunia.com/advisories/35776
cve@mitrehttp://secunia.com/advisories/36185

Is Your Infrastructure Affected by CVE-2009-1099?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-1099

📅 Published

🔄 Last Modified

🔗 References (68)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-1099?