[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250108

 
 

909

 
 

196064

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2009-3864Date: (C)2009-11-05   (M)2023-12-22


The Java Update functionality in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22 and JDK and JRE 6 before Update 17, when a non-English version of Windows is used, does not retrieve available new JRE versions, which allows remote attackers to leverage vulnerabilities in older releases of this software, aka Bug Id 6869694.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SUNALERT-269868
BID-36881
SECUNIA-37231
SECUNIA-37239
ADV-2009-3131
SUSE-SA:2009:058
http://java.sun.com/javase/6/webnotes/6u17.html
oval:org.mitre.oval:def:6753

CPE    51
cpe:/a:sun:jdk:1.5.0:update17
cpe:/a:sun:jdk:1.5.0:update18
cpe:/a:sun:jdk:1.5.0:update19
cpe:/a:sun:jdk:1.5.0:update13
...
OVAL    2
oval:org.secpod.oval:def:19720
oval:org.secpod.oval:def:400070

© SecPod Technologies