Intrusion Prevention



This indicates an attack attempt against a buffer-overflow vulnerability in Oracle Java.
The vulnerability is caused by an error when the vulnerable software handles a malicious soundbank file. It allows a remote attacker to execute arbitrary code via sending a crafted .jar file.

Affected Products

Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to a latest version. Please refer to the vendor's web site:

CVE References