Back to search
CVE-2007-0012
Published: Jan 9, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Sun JRE 5.0 before update 14 allows remote attackers to cause a denial of service (Internet Explorer crash) via an object tag with an encoded applet and an undefined name attribute, which triggers a NULL pointer dereference in jpiexp32.dll when the applet is decoded and passed to the JVM.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20080108 Corsaire Security Advisory: Sun J2RE DoS issue
mailing-list
x_refsource_BUGTRAQ
sun-java-jpiexp32-dos(39549)
vdb-entry
x_refsource_XF
27185
vdb-entry
x_refsource_BID
3527
third-party-advisory
x_refsource_SREASON
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now