First published: Thu Mar 26 2009(Updated: )
Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLine.java in Pulse-Java, as used in OpenJDK 1.6.0.0 and other products, allows remote attackers to cause a denial of service (applet crash) via a crafted Pulse Audio source data line.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
OpenJDK 1.7.0 Headless | =1.6.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2009-0794 has a severity rating that indicates it can lead to a denial of service due to an integer overflow.
To fix CVE-2009-0794, you should update to a patched version of OpenJDK that addresses the integer overflow vulnerability.
CVE-2009-0794 affects OpenJDK 1.6.0.0 and any applications that utilize the PulseAudioTargetDataLine class from Pulse-Java.
CVE-2009-0794 allows remote attackers to execute a denial of service attack leading to applet crashes.
Yes, CVE-2009-0794 can be exploited remotely as it involves a crafted Pulse Audio source data line.