Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2011-0822

Published: 17 June 2011

Unspecified vulnerability in the Streams, AQ & Replication Mgmt component in Oracle Database Server 10.1.0.5 and 10.2.0.3, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

From the Ubuntu Security Team

It was dicovered that integer overflows in the JPEGImageReader readImage() function and the SunLayoutEngine nativeLayout() function could allow an attacker cause a denial of service through an application crash or possibly execute arbitrary code.

Notes

AuthorNote
mdeslaur 
in natty+, NetX and the plugin moved to the icedtea-web package
sbeattie 
icedtea changelog included a reference to this CVE number in
the same entry for CVE-2011-0862, the related patch
(S7013519) fixes two distinct integer overflow, but it's not
clear which cve is for which issue

Priority

Medium

Status

Package Release Status
icedtea-web
Launchpad, Ubuntu, Debian 		hardy Does not exist

lucid Not vulnerable
(1.2-2ubuntu0.10.04.1)
maverick Does not exist

natty Not vulnerable

oneiric Not vulnerable

upstream Not vulnerable

openjdk-6
Launchpad, Ubuntu, Debian 		hardy
Released (6b27-1.12.3-0ubuntu1~08.04.1)
lucid
Released (6b20-1.9.8-0ubuntu1~10.04.1)
maverick
Released (6b20-1.9.8-0ubuntu1~10.10.1)
natty
Released (6b22-1.10.2-0ubuntu1~11.04.1)
oneiric Not vulnerable
(6b23~pre3-0ubuntu1)
upstream Needs triage

openjdk-6b18
Launchpad, Ubuntu, Debian 		hardy Does not exist

lucid
Released (6b18-1.8.8-0ubuntu1~10.04.1)
maverick
Released (6b18-1.8.8-0ubuntu1~10.10.1)
natty
Released (6b18-1.8.8-0ubuntu1~11.04.1)
oneiric
Released (6b18-1.8.8-0ubuntu1~11.04.1)
upstream Needs triage

sun-java5
Launchpad, Ubuntu, Debian 		hardy Ignored
(end of life)
lucid Does not exist

maverick Does not exist

natty Does not exist

oneiric Does not exist

upstream Needs triage

sun-java6
Launchpad, Ubuntu, Debian 		hardy Ignored
(end of life)
lucid
Released (6.26-1lucid1)
maverick
Released (6.26-1maverick1)
natty
Released (6.26-1natty)
oneiric Does not exist

upstream
Released (6.26)

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading