CVE-2009-3869

Name of the Vulnerable Software and Affected Versions Java Runtime Environment (JRE) versions 5.0 through 5.0 Update 21 Java Runtime Environment (JRE) versions 6.0 through 6.0 Update 16 SDK and JRE 1.3.x through 1.3.1 26 SDK and JRE 1.4.x through 1.4.2 23

Description The issue is related to a stack-based buffer overflow in the setDiffICM function within the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE). This allows remote attackers to execute arbitrary code via a crafted argument.

Recommendations For Java Runtime Environment (JRE) versions 5.0 through 5.0 Update 21, update to version 5.0 Update 22 or later. For Java Runtime Environment (JRE) versions 6.0 through 6.0 Update 16, update to version 6.0 Update 17 or later. For SDK and JRE 1.3.x through 1.3.1 26, update to version 1.3.1 27 or later. For SDK and JRE 1.4.x through 1.4.2 23, update to version 1.4.2 24 or later.