Intrusion Prevention



This indicates an attack attempt against a code execution vulnerability in Oracle JRE and JDK.
The vulnerability is caused by an error when the vulnerable software handles malicious Soundbank data. It allows a remote attacker to execute arbitrary code via sending a crafted class file.

Affected Products

Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the update from the vendor.

CVE References