Lucene search
AnonymousZDI-09-076HistoryNov 04, 2009 - 12:00 a.m.
Sun Java HsbParser.getSoundBank Stack Buffer Overflow Vulnerability
2009-11-0400:00:00
Anonymous
www.zerodayinitiative.com
19
0.941 High
EPSS
Percentile
99.2%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Microsystems Java. User interaction is required in that a user must open a malicious file or visit a malicious web page. The specific flaw exists in the parsing of long file:// URL arguments to the getSoundbank() function. Due to a lack of bounds checking on user supplied data a stack overflow can occur leading to remote code execution. Exploitation of this vulnerability can lead to system compromise under the credentials of the currently logged in user.
Related
checkpoint_advisories
checkpoint_advisories
Sun Java HsbParser.getSoundBank Stack Buffer Overflow (CVE-2009-3867)
2010-02-02 00:00:00
prion
prion
Stack overflow
2009-11-05 16:30:00
Code injection
2010-01-13 01:30:00
canvas
canvas
Immunity Canvas: SUN_JAVA_HSBPARSER_LINUX
2009-11-05 16:30:00
Immunity Canvas: SUN_JAVA_HSBPARSER
2009-11-05 11:30:00
saint
saint
Java Runtime Environment HsbParser.getSoundBank Stack Buffer Overflow
2009-11-06 00:00:00
Java Runtime Environment HsbParser.getSoundBank Stack Buffer Overflow
2009-11-06 00:00:00
Java Runtime Environment HsbParser.getSoundBank Stack Buffer Overflow
2009-11-06 00:00:00
packetstorm
packetstorm
Sun Java JRE getSoundbank file:// URI Buffer Overflow
2009-12-31 00:00:00
Netragard Security Advisory 2009-12-19
2009-12-30 00:00:00
cvelist
cvelist
CVE-2009-3867
2009-11-05 16:00:00
CVE-2010-0079
2010-01-13 01:00:00
metasploit
metasploit
Sun Java JRE getSoundbank file:// URI Buffer Overflow
2009-12-11 21:18:31
ubuntucve
ubuntucve
CVE-2009-3867
2009-11-05 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:40:37
cve
cve
CVE-2009-3867
2009-11-05 16:30:00
CVE-2010-0079
2010-01-13 01:30:01
nvd
nvd
CVE-2009-3867
2009-11-05 16:30:00
CVE-2010-0079
2010-01-13 01:30:01
seebug
seebug
Sun Java JRE getSoundbank file:// URI Buffer Overflow
2014-07-01 00:00:00
exploitdb
exploitdb
suse
suse
remote code execution in java-1_4_2-ibm
2010-01-12 17:42:00
remote code execution in java-1_5_0-ibm
2010-01-12 09:21:12
remote code execution in java-1_6_0-ibm
2010-01-12 17:47:21
nessus
nessus
SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 6755)
2010-10-11 00:00:00
SuSE9 Security Update : IBM Java2 JRE and SDK (YOU Patch Number 12565)
2010-01-12 00:00:00
SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 6757)
2010-01-12 00:00:00
redhat
redhat
(RHSA-2010:0408) Moderate: java-1.4.2-ibm security update
2010-05-12 00:00:00
(RHSA-2009:1647) Critical: java-1.5.0-ibm security update
2009-12-08 00:00:00
(RHSA-2009:1643) Critical: java-1.4.2-ibm security update
2009-12-07 00:00:00
openvas
openvas
Sun Java JDK/JRE Multiple Vulnerabilities - Nov09 (Windows)
2009-11-13 00:00:00
RedHat Security Advisory RHSA-2009:1643
2009-12-14 00:00:00
HP-UX Update for Java HPSBUX02503
2010-02-15 00:00:00
securityvulns
securityvulns
HP Network Node Manager i DoS
2011-09-20 00:00:00
Oracle Critical Patch Update Advisory - January 2010
2010-01-15 00:00:00
oracle
oracle
Security | Oracle Critical Patch Update - January 2010
2010-01-12 00:00:00
vmware
vmware
VMware vCenter update release addresses multiple security issues in Java JRE
2010-01-29 00:00:00
VMware vCenter update release addresses multiple security issues in Java JRE
2010-01-29 00:00:00
gentoo
gentoo
Sun JDK/JRE: Multiple vulnerabilities
2009-11-17 00:00:00