CVE-2010-0843

Name of the Vulnerable Software and Affected Versions Oracle Java SE and Java for Business versions 6 Update 18, 5.0 Update 23, 1.4.2 25, and 1.3.1 27

Description The issue affects the Sound component, allowing remote attackers to impact confidentiality, integrity, and availability through unknown vectors. It is reportedly related to improper handling of an integer parameter when allocating heap memory in the com.sun.media.sound libraries, potentially enabling remote attackers to execute arbitrary code.

Recommendations For Oracle Java SE and Java for Business version 6 Update 18, update to a version that includes the fix for this issue. For Oracle Java SE and Java for Business version 5.0 Update 23, update to a version that includes the fix for this issue. For Oracle Java SE and Java for Business version 1.4.2 25, update to a version that includes the fix for this issue. For Oracle Java SE and Java for Business version 1.3.1 27, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the Sound component until a patch is available.