CVE-2006-2426 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-2426
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-2426

Description: Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 and earlier, and SDK 1.5.0_6 and earlier allows remote attackers to cause a denial of service (disk consumption) by using the Font.createFont function to create temporary files of arbitrary size in the %temp% directory.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/26493 UBUNTU http://www.ubuntu.com/usn/usn-748-1 SUSE http://www.novell.com/linux/security/advisories/2006-06-02.html SREASON http://securityreason.com/securityalert/909 SAID Secunia Advisory: SA20457 Secunia Advisory: SA20132 Secunia Advisory: SA34632 Secunia Advisory: SA34675 Secunia Advisory: SA34496 Secunia Advisory: SA34495 Secunia Advisory: SA34489 REDHAT http://www.redhat.com/support/errata/RHSA-2009-0392.html http://www.redhat.com/support/errata/RHSA-2009-0394.html OSVDB 25561 MISC http://www.illegalaccess.org/exploit/FullDiskApplet.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2009:137 http://www.mandriva.com/security/advisories?name=MDVSA-2009:162 DEBIAN http://www.debian.org/security/2009/dsa-1769 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2009-109.htm http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/434001/100/0/threaded BID 17981

Return to the previous page.