HTTP: Oracle Java Font Glyph Storage Handling Off-by-one Buffer Overflow
This signature detects attempts to exploit a known vulnerability against Oracle Java SE Ligature Substitution Glyph. A successful attack can lead to buffer overflow and remote code execution.
Extended Description
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Affected Products
Oracle jdk
References
BugTraq: 74072
CVE: CVE-2015-0469
URL: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#appendixjav
Short Name
HTTP:STC:JAVA:FONT-HANDLNG-BO
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Buffer CVE-2015-0469 Font Glyph Handling Java Off-by-one Oracle Overflow Storage bid:74072
Release Date
06/09/2015
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3492
False Positive
Unknown
Vendors
Oracle
CVSS Score
10.0