Java Runtime Environment AWT setDiffICM buffer overflow

Added: 11/27/2009
CVE: CVE-2009-3869
BID: 36881
OSVDB: 59710


Java Runtime Environment (JRE) allows end users to run Java applications.


A buffer overflow vulnerability in the setDiffICM function of the Abstract Window Toolkit (AWT) allows command execution when a user loads a specially crafted web page.


Apply the update referenced in Sun article 270474.



Exploit works on Java Runtime Environment 6 Update 16 and requires a user to open the exploit page in Firefox 2.0.x.

In order for the exploit to succeed, the security policy in JRE must allow access to classes in the sun.awt.image package. To configure JRE to allow access to classes in the sun.awt.image package, add the following lines to the Java policy file on the target system:

grant {
    permission java.lang.RuntimePermission
The Java policy file can be found at:
C:\Program Files\Java\jreX\lib\security\java.policy
where X is the JRE series, such as 5 or 6.



Back to exploit index