Note: This is an archival copy of Security Sun Alert 247566 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1019851.1.
Sun Java Wireless Toolkit for CLDC 2.5.2
Date of Resolved Release
Buffer overflow vulnerabilities in Sun Java Wireless Toolkit (WTK) for CLDC may allow an application to escalate privileges:
Two buffer overflow vulnerabilities in the Sun Java Wireless Toolkit (WTK) for CLDC (Connected Limited Device Configuration) may separately allow a malicious program to execute arbitrary code on the system running WTK with the privileges of the WTK process. For a malicious program to exploit these vulnerabilities, it would have to be downloaded and executed in the WTK.
2. Contributing Factors
These issues can occur in the following releases:
There are no symptoms that would indicate the described issues have occurred.
There are no workarounds for these issues. Please see the Resolution section below.
These issues are addressed in the following releases:
For more information on Security Sun Alerts, see 1009886.1.
Copyright 2000-2008 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.
This solution has no attachment