Sun Java Runtime Environment Font.createFont() denial of service

sun-java-fontcreatefont-dos (26493)

Risk Level:

Low

Description:

Sun Java Runtime Environment (JRE) is vulnerable to a denial of service caused by a flaw in the Font.createFont() method. Font.createFont() could create an overly large temporary file in the %temp% directory, and such a file could consume all available disk space on the affected system.

Platforms Affected:

  • Canonical, Ubuntu 8.10
  • Debian, Debian Linux 5.0
  • RedHat, Enterprise Linux 5 Client
  • RedHat, Enterprise Linux 5
  • RedHat, RHEL Desktop Supplementary 5 Client
  • RedHat, RHEL Extras 4
  • RedHat, RHEL Supplementary 5 Server
  • Sun, JDK 1.5.0 Update1
  • Sun, JDK 1.5.0
  • Sun, JDK 1.5.0 Update2
  • Sun, JDK 1.5.0 Update3
  • Sun, JDK 1.5.0 Update4
  • Sun, JDK 1.5.0 Update5
  • Sun, JDK 1.5.0 Update6
  • Sun, JRE 1.4.2 Update7
  • Sun, JRE 1.4.2 Update8
  • Sun, JRE 1.4.2 Update9
  • Sun, JRE 1.4.2 Update5
  • Sun, JRE 1.4.2 Update4
  • Sun, JRE 1.4.2 Update3
  • Sun, JRE 1.4.2 Update2
  • Sun, JRE 1.4.2 Update11
  • Sun, JRE 1.4.2 Update6
  • Sun, JRE 1.4.2 Update1
  • Sun, JRE 1.4.2 Update10
  • Sun, JRE 1.4.2
  • Sun, JRE 1.5.0 Update4
  • Sun, JRE 1.5.0 Update6
  • Sun, JRE 1.5.0 Update1
  • Sun, JRE 1.5.0 Update2
  • Sun, JRE 1.5.0 Update5
  • Sun, JRE 1.5.0
  • Sun, JRE 1.5.0 Update3
  • Sun, SDK 1.4.2
  • Sun, SDK 1.4.2_01
  • Sun, SDK 1.4.2_02
  • Sun, SDK 1.4.2_03
  • Sun, SDK 1.4.2_04
  • Sun, SDK 1.4.2_05
  • Sun, SDK 1.4.2_06
  • Sun, SDK 1.4.2_07
  • Sun, SDK 1.4.2_08
  • Sun, SDK 1.4.2_09
  • Sun, SDK 1.4.2_10
  • Sun, SDK 1.4.2_11

Remedy:

Apply the appropriate patch for your system. See References.

Consequences:

Denial of Service

References:

  • BugTraq Mailing List, Sat May 13 2006 - 20:57:51 CDT: JDK 1.4.2_11, 1.5.0_06, unsigned applets consuming all free harddisk space, http://archives.neohapsis.com/archives/bugtraq/2006-05/0279.html
  • ASA-2009-108: java-1.6.0-sun security update (RHSA-2009-0392)
  • ASA-2009-109: java-1.5.0-sun security update (RHSA-2009-0394)
  • BID-17981: Sun Java Applet Font.createFont Remote Denial Of Service Vulnerability
  • CVE-2006-2426: Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 and earlier, and SDK 1.5.0_6 and earlier allows remote attackers to cause a denial of service (disk consumption) by using the Font.createFont function to create temporary files of arbitrary size in the %temp% directory.
  • DSA-1769: openjdk-6 -- several vulnerabilities
  • OSVDB ID: 25561: Sun Java JRE Font.createFont() Method Disk Space Saturation DoS
  • RHSA-2009-0377: Important: java-1.6.0-openjdk security update
  • RHSA-2009-0392: Critical: java-1.6.0-sun security update
  • RHSA-2009-0394: Critical: java-1.5.0-sun security update
  • SA20132: Sun Java JRE Large Temporary File Creation Vulnerability
  • SUSE-SR:2006:012: SUSE Security Summary Report
  • USN-748-1: OpenJDK vulnerabilities
  • VUPEN/ADV-2006-1824: Sun Java Runtime Environment Temporary File Creation Remote DoS Vulnerability

Reported:

May 13, 2006

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net