Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2009-2674

Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow.

  • Published: Aug 5, 2009
  • Updated: Apr 13, 2023
  • CVE: CVE-2009-2674
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
sun / jre 6-update_10 6-update_10.x
sun / jdk 6-update_6 6-update_6.x
sun / jdk 6-update_7 6-update_7.x
sun / jre 6-update_3 6-update_3.x
sun / jdk 6-update_11 6-update_11.x
sun / jre 6-update_4 6-update_4.x
sun / jdk 6-update_1 6-update_1.x
sun / jdk 6-update_3 6-update_3.x
sun / jdk 6-update_9 6-update_9.x
sun / jre 6-update_2 6-update_2.x
sun / jre 6-update_9 6-update_9.x
sun / jdk 6-update_4 6-update_4.x
sun / jdk 6-update_12 6-update_12.x
sun / jdk 6-update_13 6-update_13.x
sun / jre 6-update_11 6-update_11.x
sun / jdk 1.6.0-update2 1.6.0-update2.x
sun / jre 6-update_5 6-update_5.x
sun / jdk 6-update_8 6-update_8.x
sun / jre 6-update_12 6-update_12.x
sun / jdk 6-update_2 6-update_2.x
sun / jre 6-update_7 6-update_7.x
sun / jre 6-update_8 6-update_8.x
sun / jre 6-update_1 6-update_1.x
sun / jdk 6-update_5 6-update_5.x
sun / jre 6-update_13 6-update_13.x
sun / jre 6-update_6 6-update_6.x
sun / jdk 6-update_10 6-update_10.x