Description
Stack-based buffer overflow in the Java Web Start command launcher in Java for Mac OS X 10.5 before Update 5 allows attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
References (3)
Core 3
Core References
Patch vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1022820
Patch, Vendor Advisory vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/2543
Scores
EPSS
0.0232
EPSS Percentile
81.5%
Details
CWE
CWE-119
Status
published
Products (23)
apple/java_1.4
2 (3 CPE variants)
apple/java_1.4
< 2
apple/java_1.5
< 0
apple/java_1.6
0 (3 CPE variants)
apple/java_1.6
< 0
apple/mac_os_x
10.5
apple/mac_os_x
10.5.0
apple/mac_os_x
10.5.1
apple/mac_os_x
10.5.2 (2 CPE variants)
apple/mac_os_x
10.5.3
... and 13 more
Published
Sep 09, 2009
Tracked Since
Feb 18, 2026