CVE-2009-3868

Name of the Vulnerable Software and Affected Versions Sun Java SE versions 5.0 before Update 22 Sun Java SE versions 6 before Update 17 Sun Java SE SDK and JRE versions 1.3.x before 1.3.1 27 Sun Java SE SDK and JRE versions 1.4.x before 1.4.2 24

Description The issue allows remote attackers to gain privileges via a crafted image file due to improper parsing of color profiles.

Recommendations For Sun Java SE versions 5.0 before Update 22, update to Update 22 or later. For Sun Java SE versions 6 before Update 17, update to Update 17 or later. For Sun Java SE SDK and JRE versions 1.3.x before 1.3.1 27, update to 1.3.1 27 or later. For Sun Java SE SDK and JRE versions 1.4.x before 1.4.2 24, update to 1.4.2 24 or later.