HTTP: Oracle Java XGetSamplePtrFromSnd Memory Corruption
This signature detects attempts to exploit a known flaw in Oracle JRE and JDK. Successful exploitation could result in execution of arbitrary code within the security context of the current user.
Extended Description
Oracle Java SE and Java for Business are prone to a remote code-execution vulnerability in Java Runtime Environment. This issue affects the Sound subcomponent. To exploit this issue, an attacker must entice an unsuspecting user into visiting a specially crafted webpage that contains a malicious Applet or into opening a specially crafted file. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. This vulnerability affects the following supported versions: 6 Update 23, 5.0 Update 27, 1.4.2_29
Affected Products
Hitachi ucosminexus_developer_light
Short Name
HTTP:STC:DL:MAL-RMF-GM
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2010-4462 Corruption Java Memory Oracle XGetSamplePtrFromSnd bid:46394
Release Date
04/28/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Red_hat
Suse
Apple
Gentoo
Sun
Hp
Avaya
Hitachi
Oracle
Vmware
CVSS Score
10.0