VYPR
Unrated severityNVD Advisory· Published May 22, 2007· Updated Jun 16, 2026

CVE-2007-2789

CVE-2007-2789

Description

The BMP image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_19 and earlier, when running on Unix/Linux systems, allows remote attackers to cause a denial of service (JVM hang) via untrusted applets or applications that open arbitrary local files via a crafted BMP file, such as /dev/tty.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

96
  • Sun Corporation/Jdk12 versions
    cpe:2.3:a:sun:jdk:1.5.0:-:*:*:*:*:*:*+ 11 more
    • cpe:2.3:a:sun:jdk:1.5.0:-:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*
    • cpe:2.3:a:sun:jdk:1.6.0:-:*:*:*:*:*:*
  • Sun Corporation/Jre46 versions
    cpe:2.3:a:sun:jre:1.3.1:-:*:*:*:*:*:*+ 45 more
    • cpe:2.3:a:sun:jre:1.3.1:-:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_03:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_04:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_05:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_06:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_07:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_08:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_09:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_10:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_11:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_12:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_13:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_14:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_15:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_16:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_17:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_18:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_19:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.3.1_2:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2:-:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:-:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:-:*:*:*:*:*:*
  • Sun Corporation/SDK36 versions
    cpe:2.3:a:sun:sdk:1.3.1:*:*:*:*:*:*:*+ 35 more
    • cpe:2.3:a:sun:sdk:1.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_01:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_01a:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_02:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_03:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_04:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_05:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_06:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_07:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_08:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_09:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_10:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_11:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_12:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_13:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_14:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_15:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_16:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_17:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_18:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.3.1_19:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_2:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*
  • Range: JDK/JRE 6; JDK/JRE 5.0 Update 10 and earlier; SDK/JRE 1.4.2_14 and earlier; SDK/JRE 1.3.1_19 and earlier
  • Range: 1.5.0 < 1.5.0_11-b03; 1.6.x < 1.6.0_01-b06

Patches

Vulnerability mechanics

References

53

News mentions

0

No linked articles in our index yet.