Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2426

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2006-2426
Last Modified 11 Sep 2013 12:55:33
Published 17 May 2006 06:06:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2426

Summary

Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 and earlier, and SDK 1.5.0_6 and earlier allows remote attackers to cause a denial of service (disk consumption) by using the Font.createFont function to create temporary files of arbitrary size in the %temp% directory.

Vulnerable Systems

Application

  • Sun Jdk 1.5.0

  • Sun Jre 1.5.0

  • Sun Sdk 1.5.0 6


References

REDHAT - RHSA-2009:0377

VUPEN - ADV-2006-1824

UBUNTU - USN-748-1

BUGTRAQ - 20060514 JDK 1.4.2_11, 1.5.0_06, unsigned applets consuming all free harddisk space

REDHAT - RHSA-2009:0394

REDHAT - RHSA-2009:0392

MANDRIVA - MDVSA-2009:162

MANDRIVA - MDVSA-2009:137

MISC - http://www.illegalaccess.org/exploit/FullDiskApplet.html

DEBIAN - DSA-1769

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2009-109.htm

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm

SECUNIA - 34675

SECUNIA - 34632

SECUNIA - 34496

SECUNIA - 34495

SECUNIA - 34489

SECUNIA - 20132

XF - sun-java-fontcreatefont-dos(26493)

BID - 17981

OSVDB - 25561

SUSE - SUSE-SR:2006:012

SREASON - 909

SECUNIA - 20457


Last Updated: 27 May 2016 10:42:28