Multiple buffer overflows in Sun Java Wireless Toolkit (WTK) for CLDC 2.5.2 and earlier allow downloaded programs to execute arbitrary code via unknown vectors. Per http://sunsolve.sun.com/search/document.do?assetkey1-26-247566-1
These issues are addressed in the following releases:
* Sun Java Wireless Toolkit for CLDC 2.5.2_01 or later
Sun Java Wireless Toolkit for CLDC is available at:
* http://java.sun.com/products/sjwtoolkit/
Publication date: Thu, 18 Dec 2008 02:30:00 +0000