|CVSS SCORE||10.0, (AV:N/AC:L/Au:N/C:C/I:C/A:C)|
The specific flaw exists within AWT mediaLib. The specific issue lies in the handling of width and height values. The width and height are multiplied against one value when allocating a buffer but is multiplied against another value when copying data into the buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.
Oracle has issued an update to correct this vulnerability. More details can be found at: