Rule Category

FILE-JAVA -- Snort has detected traffic targeting vulnerabilities that are exploited in java files such as .class or .jar.

Alert Message

FILE-JAVA Oracle Java runtime JPEGImageReader overflow attempt

Rule Explanation

The Java Update functionality in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22 and JDK and JRE 6 before Update 17, when a non-English version of Windows is used, does not retrieve available new JRE versions, which allows remote attackers to leverage vulnerabilities in older releases of this software, aka Bug Id 6869694. Impact: CVSS base score 7.5 CVSS impact score 6.4 CVSS exploitability score 10.0 confidentialityImpact PARTIAL integrityImpact PARTIAL availabilityImpact PARTIAL Details: Ease of Attack:

What To Look For

No information provided

Known Usage

No public information

False Positives

No known false positives

Contributors

Talos research team. This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology. For more information see [nvd].

Rule Groups

No rule groups

CVE

Rule Vulnerability

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.
CVE-2009-3864
Loading description
CVE-2009-3865
Loading description
CVE-2009-3866
Loading description
CVE-2009-3867
Loading description
CVE-2009-3868
Loading description
CVE-2009-3869
Loading description
CVE-2009-3871
Loading description
CVE-2009-3872
Loading description
CVE-2009-3873
Loading description
CVE-2009-3874
Loading description
CVE-2009-3875
Loading description
CVE-2009-3876
Loading description
CVE-2009-3877
Loading description