‘Oracle Sun JRE JPEGImageWriter.writeImage Code Execution Vulnerability’
‘The original article can be found at: http://www.zerodayinitiative.com/advisories/ZDI-10-205/‘
* Sun Microsystems Java Runtime
User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
The specific flaw exists in the processing of JPEG image dimensions. When specifying large values to the dimensions of a subsample an integer overflow occurs leading to memory corruption. Successful exploitation of this vulnerability can lead to remote compromise under the credentials of the currently logged in user.
Sun Microsystems has issued an update to correct this vulnerability at:
2010-06-17 – Vulnerability reported to vendor
2010-10-12 – Coordinated public release of advisory’