Integer Signedness Error in Java SE Development Kit and Runtime Environment
CVE-2009-1099

Currently unrated

Key Information:

Vendor

Oracle
Status
Java Runtime Environment
Java Se Development Kit
Vendor
CVE Published:
25 March 2009

What is CVE-2009-1099?

An integer signedness error in the Java SE Development Kit (JDK) and Java Runtime Environment (JRE) versions 5.0 Update 17 and earlier, along with 6 Update 12 and earlier, allows remote attackers to exploit crafted glyph descriptions in Type1 fonts. This vulnerability may enable unauthorized access to files and the execution of arbitrary code, bypassing checks due to a signed comparison failure, potentially leading to severe security risks for affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://lists.opensuse.org/opensuse-security-announce/2009...
vendor-advisoryx_refsource_SUSE
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
http://h20000.www2.hp.com/bizsupport/TechSupport/Document...
vendor-advisoryx_refsource_HP

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.