CVE-2009-3885

NameCVE-2009-3885
DescriptionSun Java SE 5.0 before Update 22 and 6 before Update 17 on Windows allows remote attackers to cause a denial of service via a BMP file containing a link to a UNC share pathname for an International Color Consortium (ICC) profile file, probably a related issue to CVE-2007-2789, aka Bug Id 6632445.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
openjdk-6source(unstable)(not affected)
sun-java6source(unstable)(not affected)

Notes

- openjdk-6 <not-affected> (a problem in code that is unused on non-windows platforms)
- sun-java6 <not-affected> (a problem in code that is unused on non-windows platforms)
https://bugzilla.redhat.com/show_bug.cgi?id=530114
Search for package or bug name: Reporting problems