Search

Find a vulnerability

Search criteria

    32 vulnerabilities found for openjdk by sun

    CVE-2009-3884 (GCVE-0-2009-3884)

    Vulnerability from nvd – Published: 2009-11-09 19:00 – Updated: 2024-08-07 06:45
    VLAI
    Summary
    The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local files via vectors related to handling of zoneinfo (aka tz) files, aka Bug Id 6824265.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://bugzilla.redhat.com/show_bug.cgi?id=530300 x_refsource_CONFIRM
    http://support.apple.com/kb/HT3970 x_refsource_CONFIRM
    http://support.apple.com/kb/HT3969 x_refsource_CONFIRM
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    http://secunia.com/advisories/37581 third-party-advisoryx_refsource_SECUNIA
    http://java.sun.com/javase/6/webnotes/6u17.html x_refsource_CONFIRM
    http://java.sun.com/j2se/1.5.0/ReleaseNotes.html x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-11-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:45:50.924Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530300"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.apple.com/kb/HT3970"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.apple.com/kb/HT3969"
              },
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "name": "APPLE-SA-2009-12-03-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html"
              },
              {
                "name": "oval:org.mitre.oval:def:11686",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11686"
              },
              {
                "name": "oval:org.mitre.oval:def:6960",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6960"
              },
              {
                "name": "APPLE-SA-2009-12-03-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html"
              },
              {
                "name": "37581",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37581"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
              },
              {
                "name": "MDVSA-2010:084",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-11-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local files via vectors related to handling of zoneinfo (aka tz) files, aka Bug Id 6824265."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530300"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.apple.com/kb/HT3970"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.apple.com/kb/HT3969"
            },
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "name": "APPLE-SA-2009-12-03-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html"
            },
            {
              "name": "oval:org.mitre.oval:def:11686",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11686"
            },
            {
              "name": "oval:org.mitre.oval:def:6960",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6960"
            },
            {
              "name": "APPLE-SA-2009-12-03-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html"
            },
            {
              "name": "37581",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37581"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
            },
            {
              "name": "MDVSA-2010:084",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-3884",
        "datePublished": "2009-11-09T19:00:00.000Z",
        "dateReserved": "2009-11-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:45:50.924Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-3883 (GCVE-0-2009-3883)

    Vulnerability from nvd – Published: 2009-11-09 19:00 – Updated: 2024-08-07 06:45
    VLAI
    Summary
    Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL&F) feature in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to "information leaks in mutable variables," aka Bug Id 6657138.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://bugzilla.redhat.com/show_bug.cgi?id=530175 x_refsource_CONFIRM
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://java.sun.com/javase/6/webnotes/6u17.html x_refsource_CONFIRM
    http://java.sun.com/j2se/1.5.0/ReleaseNotes.html x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-11-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:45:50.514Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "name": "oval:org.mitre.oval:def:10191",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10191"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530175"
              },
              {
                "name": "oval:org.mitre.oval:def:6968",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6968"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
              },
              {
                "name": "MDVSA-2010:084",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-11-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL\u0026F) feature in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to \"information leaks in mutable variables,\" aka Bug Id 6657138."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "name": "oval:org.mitre.oval:def:10191",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10191"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530175"
            },
            {
              "name": "oval:org.mitre.oval:def:6968",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6968"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
            },
            {
              "name": "MDVSA-2010:084",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-3883",
        "datePublished": "2009-11-09T19:00:00.000Z",
        "dateReserved": "2009-11-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:45:50.514Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-3882 (GCVE-0-2009-3882)

    Vulnerability from nvd – Published: 2009-11-09 19:00 – Updated: 2024-08-07 06:45
    VLAI
    Summary
    Multiple unspecified vulnerabilities in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to "information leaks in mutable variables," aka Bug Id 6657026.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    https://bugzilla.redhat.com/show_bug.cgi?id=530175 x_refsource_CONFIRM
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://java.sun.com/javase/6/webnotes/6u17.html x_refsource_CONFIRM
    http://java.sun.com/j2se/1.5.0/ReleaseNotes.html x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    Date Public
    2009-11-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:45:50.908Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530175"
              },
              {
                "name": "oval:org.mitre.oval:def:8841",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8841"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
              },
              {
                "name": "MDVSA-2010:084",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              },
              {
                "name": "oval:org.mitre.oval:def:7300",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7300"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-11-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to \"information leaks in mutable variables,\" aka Bug Id 6657026."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530175"
            },
            {
              "name": "oval:org.mitre.oval:def:8841",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8841"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
            },
            {
              "name": "MDVSA-2010:084",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            },
            {
              "name": "oval:org.mitre.oval:def:7300",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7300"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-3882",
        "datePublished": "2009-11-09T19:00:00.000Z",
        "dateReserved": "2009-11-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:45:50.908Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-3881 (GCVE-0-2009-3881)

    Vulnerability from nvd – Published: 2009-11-09 19:00 – Updated: 2024-08-07 06:45
    VLAI
    Summary
    Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not prevent the existence of children of a resurrected ClassLoader, which allows remote attackers to gain privileges via unspecified vectors, related to an "information leak vulnerability," aka Bug Id 6636650.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://bugzilla.redhat.com/show_bug.cgi?id=530173 x_refsource_CONFIRM
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://java.sun.com/javase/6/webnotes/6u17.html x_refsource_CONFIRM
    http://java.sun.com/j2se/1.5.0/ReleaseNotes.html x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-11-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:45:50.425Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "oval:org.mitre.oval:def:11484",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11484"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530173"
              },
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "name": "oval:org.mitre.oval:def:6906",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6906"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
              },
              {
                "name": "MDVSA-2010:084",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-11-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not prevent the existence of children of a resurrected ClassLoader, which allows remote attackers to gain privileges via unspecified vectors, related to an \"information leak vulnerability,\" aka Bug Id 6636650."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "oval:org.mitre.oval:def:11484",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11484"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530173"
            },
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "name": "oval:org.mitre.oval:def:6906",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6906"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
            },
            {
              "name": "MDVSA-2010:084",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-3881",
        "datePublished": "2009-11-09T19:00:00.000Z",
        "dateReserved": "2009-11-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:45:50.425Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-3880 (GCVE-0-2009-3880)

    Vulnerability from nvd – Published: 2009-11-09 19:00 – Updated: 2024-08-07 06:45
    VLAI
    Summary
    The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not properly restrict the objects that may be sent to loggers, which allows attackers to obtain sensitive information via vectors related to the implementation of Component, KeyboardFocusManager, and DefaultKeyboardFocusManager, aka Bug Id 6664512.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    https://bugzilla.redhat.com/show_bug.cgi?id=530296 x_refsource_CONFIRM
    http://java.sun.com/javase/6/webnotes/6u17.html x_refsource_CONFIRM
    http://java.sun.com/j2se/1.5.0/ReleaseNotes.html x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-11-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:45:50.096Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "oval:org.mitre.oval:def:7316",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7316"
              },
              {
                "name": "oval:org.mitre.oval:def:10761",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10761"
              },
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530296"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
              },
              {
                "name": "MDVSA-2010:084",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-11-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not properly restrict the objects that may be sent to loggers, which allows attackers to obtain sensitive information via vectors related to the implementation of Component, KeyboardFocusManager, and DefaultKeyboardFocusManager, aka Bug Id 6664512."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "oval:org.mitre.oval:def:7316",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7316"
            },
            {
              "name": "oval:org.mitre.oval:def:10761",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10761"
            },
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530296"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
            },
            {
              "name": "MDVSA-2010:084",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-3880",
        "datePublished": "2009-11-09T19:00:00.000Z",
        "dateReserved": "2009-11-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:45:50.096Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-3879 (GCVE-0-2009-3879)

    Vulnerability from nvd – Published: 2009-11-09 19:00 – Updated: 2024-08-07 06:45
    VLAI
    Summary
    Multiple unspecified vulnerabilities in the (1) X11 and (2) Win32GraphicsDevice subsystems in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and attack vectors, related to failure to clone arrays that are returned by the getConfigurations function, aka Bug Id 6822057.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    https://bugzilla.redhat.com/show_bug.cgi?id=530297 x_refsource_CONFIRM
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://java.sun.com/javase/6/webnotes/6u17.html x_refsource_CONFIRM
    http://java.sun.com/j2se/1.5.0/ReleaseNotes.html x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-11-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:45:50.627Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "oval:org.mitre.oval:def:7545",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7545"
              },
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530297"
              },
              {
                "name": "oval:org.mitre.oval:def:9568",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9568"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
              },
              {
                "name": "MDVSA-2010:084",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-11-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in the (1) X11 and (2) Win32GraphicsDevice subsystems in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and attack vectors, related to failure to clone arrays that are returned by the getConfigurations function, aka Bug Id 6822057."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "oval:org.mitre.oval:def:7545",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7545"
            },
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530297"
            },
            {
              "name": "oval:org.mitre.oval:def:9568",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9568"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
            },
            {
              "name": "MDVSA-2010:084",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-3879",
        "datePublished": "2009-11-09T19:00:00.000Z",
        "dateReserved": "2009-11-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:45:50.627Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-3728 (GCVE-0-2009-3728)

    Vulnerability from nvd – Published: 2009-11-09 19:00 – Updated: 2024-08-07 06:38
    VLAI
    Summary
    Directory traversal vulnerability in the ICC_Profile.getInstance method in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local International Color Consortium (ICC) profile files via a .. (dot dot) in a pathname, aka Bug Id 6631533.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://support.apple.com/kb/HT3970 x_refsource_CONFIRM
    http://support.apple.com/kb/HT3969 x_refsource_CONFIRM
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    http://secunia.com/advisories/37581 third-party-advisoryx_refsource_SECUNIA
    http://java.sun.com/javase/6/webnotes/6u17.html x_refsource_CONFIRM
    http://java.sun.com/j2se/1.5.0/ReleaseNotes.html x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    https://bugzilla.redhat.com/show_bug.cgi?id=530098 x_refsource_CONFIRM
    Date Public
    2009-11-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:38:30.469Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "oval:org.mitre.oval:def:6657",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6657"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.apple.com/kb/HT3970"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.apple.com/kb/HT3969"
              },
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "name": "oval:org.mitre.oval:def:10520",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10520"
              },
              {
                "name": "APPLE-SA-2009-12-03-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html"
              },
              {
                "name": "APPLE-SA-2009-12-03-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html"
              },
              {
                "name": "37581",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37581"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
              },
              {
                "name": "MDVSA-2010:084",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530098"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-11-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in the ICC_Profile.getInstance method in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local International Color Consortium (ICC) profile files via a .. (dot dot) in a pathname, aka Bug Id 6631533."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "oval:org.mitre.oval:def:6657",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6657"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.apple.com/kb/HT3970"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.apple.com/kb/HT3969"
            },
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "name": "oval:org.mitre.oval:def:10520",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10520"
            },
            {
              "name": "APPLE-SA-2009-12-03-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html"
            },
            {
              "name": "APPLE-SA-2009-12-03-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html"
            },
            {
              "name": "37581",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37581"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
            },
            {
              "name": "MDVSA-2010:084",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530098"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-3728",
        "datePublished": "2009-11-09T19:00:00.000Z",
        "dateReserved": "2009-10-16T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:38:30.469Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-2690 (GCVE-0-2009-2690)

    Vulnerability from nvd – Published: 2009-08-10 18:00 – Updated: 2024-08-07 05:59
    VLAI
    Summary
    The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted (1) applet or (2) application.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://rhn.redhat.com/errata/RHSA-2009-1200.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/36162 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2009/2543 vdb-entryx_refsource_VUPEN
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    http://sunsolve.sun.com/search/document.do?assetk… x_refsource_CONFIRM
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://bugzilla.redhat.com/show_bug.cgi?id=513223 x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://java.sun.com/javase/6/webnotes/6u15.html x_refsource_CONFIRM
    http://secunia.com/advisories/36180 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/36176 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    https://rhn.redhat.com/errata/RHSA-2009-1201.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-08-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:59:56.702Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2009:1200",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html"
              },
              {
                "name": "36162",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36162"
              },
              {
                "name": "ADV-2009-2543",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/2543"
              },
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1"
              },
              {
                "name": "oval:org.mitre.oval:def:9443",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9443"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513223"
              },
              {
                "name": "MDVSA-2009:209",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
              },
              {
                "name": "FEDORA-2009-8329",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
              },
              {
                "name": "36180",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36180"
              },
              {
                "name": "36176",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36176"
              },
              {
                "name": "FEDORA-2009-8337",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
              },
              {
                "name": "SUSE-SR:2009:016",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
              },
              {
                "name": "APPLE-SA-2009-09-03-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
              },
              {
                "name": "RHSA-2009:1201",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-08-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted (1) applet or (2) application."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2009:1200",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html"
            },
            {
              "name": "36162",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36162"
            },
            {
              "name": "ADV-2009-2543",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/2543"
            },
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1"
            },
            {
              "name": "oval:org.mitre.oval:def:9443",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9443"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513223"
            },
            {
              "name": "MDVSA-2009:209",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
            },
            {
              "name": "FEDORA-2009-8329",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
            },
            {
              "name": "36180",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36180"
            },
            {
              "name": "36176",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36176"
            },
            {
              "name": "FEDORA-2009-8337",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
            },
            {
              "name": "SUSE-SR:2009:016",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
            },
            {
              "name": "APPLE-SA-2009-09-03-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
            },
            {
              "name": "RHSA-2009:1201",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-2690",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted (1) applet or (2) application."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2009:1200",
                  "refsource": "REDHAT",
                  "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html"
                },
                {
                  "name": "36162",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/36162"
                },
                {
                  "name": "ADV-2009-2543",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/2543"
                },
                {
                  "name": "GLSA-200911-02",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
                },
                {
                  "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1",
                  "refsource": "CONFIRM",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1"
                },
                {
                  "name": "oval:org.mitre.oval:def:9443",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9443"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=513223",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513223"
                },
                {
                  "name": "MDVSA-2009:209",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
                },
                {
                  "name": "FEDORA-2009-8329",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
                },
                {
                  "name": "http://java.sun.com/javase/6/webnotes/6u15.html",
                  "refsource": "CONFIRM",
                  "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
                },
                {
                  "name": "36180",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/36180"
                },
                {
                  "name": "36176",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/36176"
                },
                {
                  "name": "FEDORA-2009-8337",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
                },
                {
                  "name": "SUSE-SR:2009:016",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
                },
                {
                  "name": "APPLE-SA-2009-09-03-1",
                  "refsource": "APPLE",
                  "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
                },
                {
                  "name": "RHSA-2009:1201",
                  "refsource": "REDHAT",
                  "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
                },
                {
                  "name": "37386",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37386"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-2690",
        "datePublished": "2009-08-10T18:00:00.000Z",
        "dateReserved": "2009-08-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:59:56.702Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-2689 (GCVE-0-2009-2689)

    Vulnerability from nvd – Published: 2009-08-10 18:00 – Updated: 2024-08-07 05:59
    VLAI
    Summary
    JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://rhn.redhat.com/errata/RHSA-2009-1199.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/36162 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2009/2543 vdb-entryx_refsource_VUPEN
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/36199 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://java.sun.com/javase/6/webnotes/6u15.html x_refsource_CONFIRM
    http://secunia.com/advisories/36180 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… x_refsource_CONFIRM
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    https://bugzilla.redhat.com/show_bug.cgi?id=513222 x_refsource_CONFIRM
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://java.sun.com/j2se/1.5.0/ReleaseNotes.html x_refsource_CONFIRM
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    https://rhn.redhat.com/errata/RHSA-2009-1201.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-08-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:59:56.241Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2009:1199",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-1199.html"
              },
              {
                "name": "36162",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36162"
              },
              {
                "name": "ADV-2009-2543",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/2543"
              },
              {
                "name": "oval:org.mitre.oval:def:9603",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9603"
              },
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "name": "36199",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36199"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1"
              },
              {
                "name": "MDVSA-2009:209",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
              },
              {
                "name": "FEDORA-2009-8329",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
              },
              {
                "name": "36180",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36180"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1"
              },
              {
                "name": "FEDORA-2009-8337",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513222"
              },
              {
                "name": "SUSE-SR:2009:016",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
              },
              {
                "name": "APPLE-SA-2009-09-03-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
              },
              {
                "name": "RHSA-2009:1201",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-08-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2009:1199",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-1199.html"
            },
            {
              "name": "36162",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36162"
            },
            {
              "name": "ADV-2009-2543",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/2543"
            },
            {
              "name": "oval:org.mitre.oval:def:9603",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9603"
            },
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "name": "36199",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36199"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1"
            },
            {
              "name": "MDVSA-2009:209",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
            },
            {
              "name": "FEDORA-2009-8329",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
            },
            {
              "name": "36180",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36180"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1"
            },
            {
              "name": "FEDORA-2009-8337",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513222"
            },
            {
              "name": "SUSE-SR:2009:016",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
            },
            {
              "name": "APPLE-SA-2009-09-03-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
            },
            {
              "name": "RHSA-2009:1201",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-2689",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2009:1199",
                  "refsource": "REDHAT",
                  "url": "https://rhn.redhat.com/errata/RHSA-2009-1199.html"
                },
                {
                  "name": "36162",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/36162"
                },
                {
                  "name": "ADV-2009-2543",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/2543"
                },
                {
                  "name": "oval:org.mitre.oval:def:9603",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9603"
                },
                {
                  "name": "GLSA-200911-02",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
                },
                {
                  "name": "36199",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/36199"
                },
                {
                  "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1",
                  "refsource": "CONFIRM",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1"
                },
                {
                  "name": "MDVSA-2009:209",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
                },
                {
                  "name": "FEDORA-2009-8329",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
                },
                {
                  "name": "http://java.sun.com/javase/6/webnotes/6u15.html",
                  "refsource": "CONFIRM",
                  "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
                },
                {
                  "name": "36180",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/36180"
                },
                {
                  "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1",
                  "refsource": "CONFIRM",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1"
                },
                {
                  "name": "FEDORA-2009-8337",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=513222",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513222"
                },
                {
                  "name": "SUSE-SR:2009:016",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
                },
                {
                  "name": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html",
                  "refsource": "CONFIRM",
                  "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
                },
                {
                  "name": "APPLE-SA-2009-09-03-1",
                  "refsource": "APPLE",
                  "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
                },
                {
                  "name": "RHSA-2009:1201",
                  "refsource": "REDHAT",
                  "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
                },
                {
                  "name": "37386",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37386"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-2689",
        "datePublished": "2009-08-10T18:00:00.000Z",
        "dateReserved": "2009-08-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:59:56.241Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-2476 (GCVE-0-2009-2476)

    Vulnerability from nvd – Published: 2009-08-10 18:00 – Updated: 2024-08-07 05:52
    VLAI
    Summary
    The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by leveraging finalizer resurrection to obtain a reference to a privileged object.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://bugzilla.redhat.com/show_bug.cgi?id=513220 x_refsource_CONFIRM
    https://rhn.redhat.com/errata/RHSA-2009-1200.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/36162 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2009/2543 vdb-entryx_refsource_VUPEN
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    http://sunsolve.sun.com/search/document.do?assetk… x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://java.sun.com/javase/6/webnotes/6u15.html x_refsource_CONFIRM
    http://secunia.com/advisories/36180 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/36176 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    https://rhn.redhat.com/errata/RHSA-2009-1201.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-08-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:52:15.055Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513220"
              },
              {
                "name": "RHSA-2009:1200",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html"
              },
              {
                "name": "36162",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36162"
              },
              {
                "name": "ADV-2009-2543",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/2543"
              },
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1"
              },
              {
                "name": "MDVSA-2009:209",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
              },
              {
                "name": "FEDORA-2009-8329",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
              },
              {
                "name": "oval:org.mitre.oval:def:10381",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10381"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
              },
              {
                "name": "36180",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36180"
              },
              {
                "name": "36176",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36176"
              },
              {
                "name": "FEDORA-2009-8337",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
              },
              {
                "name": "SUSE-SR:2009:016",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
              },
              {
                "name": "APPLE-SA-2009-09-03-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
              },
              {
                "name": "RHSA-2009:1201",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-08-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by leveraging finalizer resurrection to obtain a reference to a privileged object."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513220"
            },
            {
              "name": "RHSA-2009:1200",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html"
            },
            {
              "name": "36162",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36162"
            },
            {
              "name": "ADV-2009-2543",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/2543"
            },
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1"
            },
            {
              "name": "MDVSA-2009:209",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
            },
            {
              "name": "FEDORA-2009-8329",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
            },
            {
              "name": "oval:org.mitre.oval:def:10381",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10381"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
            },
            {
              "name": "36180",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36180"
            },
            {
              "name": "36176",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36176"
            },
            {
              "name": "FEDORA-2009-8337",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
            },
            {
              "name": "SUSE-SR:2009:016",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
            },
            {
              "name": "APPLE-SA-2009-09-03-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
            },
            {
              "name": "RHSA-2009:1201",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-2476",
        "datePublished": "2009-08-10T18:00:00.000Z",
        "dateReserved": "2009-07-15T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:52:15.055Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-2475 (GCVE-0-2009-2475)

    Vulnerability from nvd – Published: 2009-08-10 18:00 – Updated: 2024-08-07 05:52
    VLAI
    Summary
    Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to (1) LayoutQueue, (2) Cursor.predefined, (3) AccessibleResourceBundle.getContents, (4) ImageReaderSpi.STANDARD_INPUT_TYPE, (5) ImageWriterSpi.STANDARD_OUTPUT_TYPE, (6) the imageio plugins, (7) DnsContext.debug, (8) RmfFileReader/StandardMidiFileWriter.types, (9) AbstractSaslImpl.logger, (10) Synth.Region.uiToRegionMap/lowerCaseNameMap, (11) the Introspector class and a cache of BeanInfo, and (12) JAX-WS, a different vulnerability than CVE-2009-2673.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://rhn.redhat.com/errata/RHSA-2009-1200.html vendor-advisoryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=513215 x_refsource_CONFIRM
    https://rhn.redhat.com/errata/RHSA-2009-1199.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/36162 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2009/2543 vdb-entryx_refsource_VUPEN
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/36199 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://java.sun.com/javase/6/webnotes/6u15.html x_refsource_CONFIRM
    http://secunia.com/advisories/36180 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… x_refsource_CONFIRM
    http://secunia.com/advisories/36176 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://java.sun.com/j2se/1.5.0/ReleaseNotes.html x_refsource_CONFIRM
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    https://rhn.redhat.com/errata/RHSA-2009-1201.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-08-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:52:14.899Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2009:1200",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513215"
              },
              {
                "name": "RHSA-2009:1199",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-1199.html"
              },
              {
                "name": "36162",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36162"
              },
              {
                "name": "ADV-2009-2543",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/2543"
              },
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "name": "36199",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36199"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1"
              },
              {
                "name": "MDVSA-2009:209",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
              },
              {
                "name": "FEDORA-2009-8329",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
              },
              {
                "name": "36180",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36180"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1"
              },
              {
                "name": "36176",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36176"
              },
              {
                "name": "FEDORA-2009-8337",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
              },
              {
                "name": "SUSE-SR:2009:016",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
              },
              {
                "name": "oval:org.mitre.oval:def:10221",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10221"
              },
              {
                "name": "APPLE-SA-2009-09-03-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
              },
              {
                "name": "RHSA-2009:1201",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-08-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to (1) LayoutQueue, (2) Cursor.predefined, (3) AccessibleResourceBundle.getContents, (4) ImageReaderSpi.STANDARD_INPUT_TYPE, (5) ImageWriterSpi.STANDARD_OUTPUT_TYPE, (6) the imageio plugins, (7) DnsContext.debug, (8) RmfFileReader/StandardMidiFileWriter.types, (9) AbstractSaslImpl.logger, (10) Synth.Region.uiToRegionMap/lowerCaseNameMap, (11) the Introspector class and a cache of BeanInfo, and (12) JAX-WS, a different vulnerability than CVE-2009-2673."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2009:1200",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513215"
            },
            {
              "name": "RHSA-2009:1199",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-1199.html"
            },
            {
              "name": "36162",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36162"
            },
            {
              "name": "ADV-2009-2543",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/2543"
            },
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "name": "36199",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36199"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1"
            },
            {
              "name": "MDVSA-2009:209",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
            },
            {
              "name": "FEDORA-2009-8329",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
            },
            {
              "name": "36180",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36180"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1"
            },
            {
              "name": "36176",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36176"
            },
            {
              "name": "FEDORA-2009-8337",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
            },
            {
              "name": "SUSE-SR:2009:016",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
            },
            {
              "name": "oval:org.mitre.oval:def:10221",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10221"
            },
            {
              "name": "APPLE-SA-2009-09-03-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
            },
            {
              "name": "RHSA-2009:1201",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-2475",
        "datePublished": "2009-08-10T18:00:00.000Z",
        "dateReserved": "2009-07-15T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:52:14.899Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-1896 (GCVE-0-2009-1896)

    Vulnerability from nvd – Published: 2009-08-10 18:00 – Updated: 2024-08-07 05:27
    VLAI
    Summary
    The Java Web Start framework in IcedTea in OpenJDK before 1.6.0.0-20.b16.fc10 on Fedora 10, and before 1.6.0.0-27.b16.fc11 on Fedora 11, trusts an entire application when at least one of the listed jar files is trusted, which allows context-dependent attackers to execute arbitrary code without the untrusted-code restrictions via a crafted application, related to NetX.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://bugzilla.redhat.com/show_bug.cgi?id=512101 x_refsource_CONFIRM
    http://secunia.com/advisories/36162 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    Date Public
    2009-08-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:27:54.834Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512101"
              },
              {
                "name": "36162",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36162"
              },
              {
                "name": "MDVSA-2009:209",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
              },
              {
                "name": "FEDORA-2009-8329",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
              },
              {
                "name": "FEDORA-2009-8337",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-08-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Java Web Start framework in IcedTea in OpenJDK before 1.6.0.0-20.b16.fc10 on Fedora 10, and before 1.6.0.0-27.b16.fc11 on Fedora 11, trusts an entire application when at least one of the listed jar files is trusted, which allows context-dependent attackers to execute arbitrary code without the untrusted-code restrictions via a crafted application, related to NetX."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-08-26T09:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512101"
            },
            {
              "name": "36162",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36162"
            },
            {
              "name": "MDVSA-2009:209",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
            },
            {
              "name": "FEDORA-2009-8329",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
            },
            {
              "name": "FEDORA-2009-8337",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-1896",
        "datePublished": "2009-08-10T18:00:00.000Z",
        "dateReserved": "2009-06-02T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:27:54.834Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-0794 (GCVE-0-2009-0794)

    Vulnerability from nvd – Published: 2009-04-13 16:00 – Updated: 2024-08-07 04:48
    VLAI
    Summary
    Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLine.java in Pulse-Java, as used in OpenJDK 1.6.0.0 and other products, allows remote attackers to cause a denial of service (applet crash) via a crafted Pulse Audio source data line.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/34623 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2009/0965 vdb-entryx_refsource_VUPEN
    https://bugzilla.redhat.com/show_bug.cgi?id=492367 x_refsource_CONFIRM
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://mail.openjdk.java.net/pipermail/distro-pkg… mailing-listx_refsource_MLIST
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    Date Public
    2009-04-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T04:48:51.876Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "MDVSA-2009:137",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137"
              },
              {
                "name": "34623",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34623"
              },
              {
                "name": "pulsejava--pulseaudiotargetdatal-dos(50383)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50383"
              },
              {
                "name": "ADV-2009-0965",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/0965"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492367"
              },
              {
                "name": "FEDORA-2009-3426",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00204.html"
              },
              {
                "name": "MDVSA-2009:162",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162"
              },
              {
                "name": "[distro-pkg-dev] 20090211 changeset in /hg/icedtea6: 2009-02-11 Omair Majid \u003comajid at redh...",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2009-February/004729.html"
              },
              {
                "name": "FEDORA-2009-3425",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00203.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-04-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLine.java in Pulse-Java, as used in OpenJDK 1.6.0.0 and other products, allows remote attackers to cause a denial of service (applet crash) via a crafted Pulse Audio source data line."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "MDVSA-2009:137",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137"
            },
            {
              "name": "34623",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34623"
            },
            {
              "name": "pulsejava--pulseaudiotargetdatal-dos(50383)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50383"
            },
            {
              "name": "ADV-2009-0965",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/0965"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492367"
            },
            {
              "name": "FEDORA-2009-3426",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00204.html"
            },
            {
              "name": "MDVSA-2009:162",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162"
            },
            {
              "name": "[distro-pkg-dev] 20090211 changeset in /hg/icedtea6: 2009-02-11 Omair Majid \u003comajid at redh...",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2009-February/004729.html"
            },
            {
              "name": "FEDORA-2009-3425",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00203.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-0794",
        "datePublished": "2009-04-13T16:00:00.000Z",
        "dateReserved": "2009-03-04T00:00:00.000Z",
        "dateUpdated": "2024-08-07T04:48:51.876Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-0793 (GCVE-0-2009-0793)

    Vulnerability from nvd – Published: 2009-04-09 15:00 – Updated: 2024-08-07 04:48
    VLAI
    Summary
    cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/34635 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/34632 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/34623 third-party-advisoryx_refsource_SECUNIA
    http://www.ubuntu.com/usn/USN-1043-1 vendor-advisoryx_refsource_UBUNTU
    http://secunia.com/advisories/34675 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2009/0964 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/35048 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    https://rhn.redhat.com/errata/RHSA-2009-0377.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/34782 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2011/0087 vdb-entryx_refsource_VUPEN
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://www.securityfocus.com/bid/34411 vdb-entryx_refsource_BID
    https://bugzilla.redhat.com/show_bug.cgi?id=492353 x_refsource_CONFIRM
    http://www.securityfocus.com/bid/34420 vdb-entryx_refsource_BID
    http://www.debian.org/security/2009/dsa-1769 vendor-advisoryx_refsource_DEBIAN
    http://www.vupen.com/english/advisories/2009/0963 vdb-entryx_refsource_VUPEN
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/34634 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/42870 third-party-advisoryx_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-200904-19.xml vendor-advisoryx_refsource_GENTOO
    Date Public
    2009-04-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T04:48:51.902Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "MDVSA-2009:137",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137"
              },
              {
                "name": "34635",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34635"
              },
              {
                "name": "34632",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34632"
              },
              {
                "name": "FEDORA-2009-3914",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00233.html"
              },
              {
                "name": "34623",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34623"
              },
              {
                "name": "USN-1043-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-1043-1"
              },
              {
                "name": "34675",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34675"
              },
              {
                "name": "ADV-2009-0964",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/0964"
              },
              {
                "name": "35048",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35048"
              },
              {
                "name": "FEDORA-2009-3426",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00204.html"
              },
              {
                "name": "RHSA-2009:0377",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-0377.html"
              },
              {
                "name": "34782",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34782"
              },
              {
                "name": "ADV-2011-0087",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0087"
              },
              {
                "name": "oval:org.mitre.oval:def:11340",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11340"
              },
              {
                "name": "MDVSA-2009:162",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162"
              },
              {
                "name": "FEDORA-2009-3425",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00203.html"
              },
              {
                "name": "34411",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/34411"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492353"
              },
              {
                "name": "34420",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/34420"
              },
              {
                "name": "DSA-1769",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2009/dsa-1769"
              },
              {
                "name": "ADV-2009-0963",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/0963"
              },
              {
                "name": "FEDORA-2009-3967",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00285.html"
              },
              {
                "name": "34634",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34634"
              },
              {
                "name": "MDVSA-2009:121",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:121"
              },
              {
                "name": "42870",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/42870"
              },
              {
                "name": "GLSA-200904-19",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200904-19.xml"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-04-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for \"transformations of monochrome profiles.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "MDVSA-2009:137",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137"
            },
            {
              "name": "34635",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34635"
            },
            {
              "name": "34632",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34632"
            },
            {
              "name": "FEDORA-2009-3914",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00233.html"
            },
            {
              "name": "34623",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34623"
            },
            {
              "name": "USN-1043-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1043-1"
            },
            {
              "name": "34675",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34675"
            },
            {
              "name": "ADV-2009-0964",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/0964"
            },
            {
              "name": "35048",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35048"
            },
            {
              "name": "FEDORA-2009-3426",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00204.html"
            },
            {
              "name": "RHSA-2009:0377",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-0377.html"
            },
            {
              "name": "34782",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34782"
            },
            {
              "name": "ADV-2011-0087",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0087"
            },
            {
              "name": "oval:org.mitre.oval:def:11340",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11340"
            },
            {
              "name": "MDVSA-2009:162",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162"
            },
            {
              "name": "FEDORA-2009-3425",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00203.html"
            },
            {
              "name": "34411",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/34411"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492353"
            },
            {
              "name": "34420",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/34420"
            },
            {
              "name": "DSA-1769",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2009/dsa-1769"
            },
            {
              "name": "ADV-2009-0963",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/0963"
            },
            {
              "name": "FEDORA-2009-3967",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00285.html"
            },
            {
              "name": "34634",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34634"
            },
            {
              "name": "MDVSA-2009:121",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:121"
            },
            {
              "name": "42870",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/42870"
            },
            {
              "name": "GLSA-200904-19",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200904-19.xml"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-0793",
        "datePublished": "2009-04-09T15:00:00.000Z",
        "dateReserved": "2009-03-04T00:00:00.000Z",
        "dateUpdated": "2024-08-07T04:48:51.902Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-0733 (GCVE-0-2009-0733)

    Vulnerability from nvd – Published: 2009-03-23 14:00 – Updated: 2024-08-07 04:48
    VLAI
    Summary
    Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/34632 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/34450 third-party-advisoryx_refsource_SECUNIA
    http://www.securitytracker.com/id?1021869 vdb-entryx_refsource_SECTRACK
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://www.ubuntu.com/usn/USN-744-1 vendor-advisoryx_refsource_UBUNTU
    http://www.debian.org/security/2009/dsa-1745 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/34675 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/34454 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/34442 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://scary.beasts.org/security/CESA-2009-003.html x_refsource_MISC
    http://secunia.com/advisories/34382 third-party-advisoryx_refsource_SECUNIA
    http://slackware.com/security/viewer.php?l=slackw… vendor-advisoryx_refsource_SLACKWARE
    http://secunia.com/advisories/34418 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/502031/100… mailing-listx_refsource_BUGTRAQ
    https://rhn.redhat.com/errata/RHSA-2009-0377.html vendor-advisoryx_refsource_REDHAT
    http://www.ocert.org/advisories/ocert-2009-003.html x_refsource_MISC
    http://scarybeastsecurity.blogspot.com/2009/03/li… x_refsource_MISC
    http://secunia.com/advisories/34782 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/34367 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.redhat.com/support/errata/RHSA-2009-03… vendor-advisoryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=487512 x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2009/0775 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/34463 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/34408 third-party-advisoryx_refsource_SECUNIA
    http://www.debian.org/security/2009/dsa-1769 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/34400 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.securityfocus.com/archive/1/502018/100… mailing-listx_refsource_BUGTRAQ
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.securityfocus.com/bid/34185 vdb-entryx_refsource_BID
    http://security.gentoo.org/glsa/glsa-200904-19.xml vendor-advisoryx_refsource_GENTOO
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    Date Public
    2009-03-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T04:48:51.638Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2009-2970",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00851.html"
              },
              {
                "name": "littlecms-readsetofcurves-bo(49330)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49330"
              },
              {
                "name": "MDVSA-2009:137",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137"
              },
              {
                "name": "34632",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34632"
              },
              {
                "name": "34450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34450"
              },
              {
                "name": "1021869",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1021869"
              },
              {
                "name": "FEDORA-2009-2928",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00811.html"
              },
              {
                "name": "SUSE-SR:2009:007",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
              },
              {
                "name": "USN-744-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-744-1"
              },
              {
                "name": "DSA-1745",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2009/dsa-1745"
              },
              {
                "name": "34675",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34675"
              },
              {
                "name": "34454",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34454"
              },
              {
                "name": "34442",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34442"
              },
              {
                "name": "FEDORA-2009-2982",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00856.html"
              },
              {
                "name": "FEDORA-2009-3034",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00921.html"
              },
              {
                "name": "FEDORA-2009-2903",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00794.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://scary.beasts.org/security/CESA-2009-003.html"
              },
              {
                "name": "34382",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34382"
              },
              {
                "name": "SSA:2009-083-01",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.487438"
              },
              {
                "name": "34418",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34418"
              },
              {
                "name": "20090320 [oCERT-2009-003] LittleCMS integer errors",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/502031/100/0/threaded"
              },
              {
                "name": "RHSA-2009:0377",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-0377.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ocert.org/advisories/ocert-2009-003.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html"
              },
              {
                "name": "34782",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34782"
              },
              {
                "name": "34367",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34367"
              },
              {
                "name": "MDVSA-2009:162",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162"
              },
              {
                "name": "RHSA-2009:0339",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2009-0339.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=487512"
              },
              {
                "name": "ADV-2009-0775",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/0775"
              },
              {
                "name": "34463",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34463"
              },
              {
                "name": "34408",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34408"
              },
              {
                "name": "DSA-1769",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2009/dsa-1769"
              },
              {
                "name": "34400",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34400"
              },
              {
                "name": "MDVSA-2009:121",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:121"
              },
              {
                "name": "20090320 LittleCMS vulnerabilities (OpenJDK, Firefox, GIMP, etc. impacted)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/502018/100/0/threaded"
              },
              {
                "name": "FEDORA-2009-2910",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00799.html"
              },
              {
                "name": "oval:org.mitre.oval:def:9742",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9742"
              },
              {
                "name": "34185",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/34185"
              },
              {
                "name": "GLSA-200904-19",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200904-19.xml"
              },
              {
                "name": "FEDORA-2009-2983",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00857.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-03-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "FEDORA-2009-2970",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00851.html"
            },
            {
              "name": "littlecms-readsetofcurves-bo(49330)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49330"
            },
            {
              "name": "MDVSA-2009:137",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137"
            },
            {
              "name": "34632",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34632"
            },
            {
              "name": "34450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34450"
            },
            {
              "name": "1021869",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1021869"
            },
            {
              "name": "FEDORA-2009-2928",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00811.html"
            },
            {
              "name": "SUSE-SR:2009:007",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
            },
            {
              "name": "USN-744-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-744-1"
            },
            {
              "name": "DSA-1745",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2009/dsa-1745"
            },
            {
              "name": "34675",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34675"
            },
            {
              "name": "34454",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34454"
            },
            {
              "name": "34442",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34442"
            },
            {
              "name": "FEDORA-2009-2982",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00856.html"
            },
            {
              "name": "FEDORA-2009-3034",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00921.html"
            },
            {
              "name": "FEDORA-2009-2903",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00794.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://scary.beasts.org/security/CESA-2009-003.html"
            },
            {
              "name": "34382",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34382"
            },
            {
              "name": "SSA:2009-083-01",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.487438"
            },
            {
              "name": "34418",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34418"
            },
            {
              "name": "20090320 [oCERT-2009-003] LittleCMS integer errors",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/502031/100/0/threaded"
            },
            {
              "name": "RHSA-2009:0377",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-0377.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ocert.org/advisories/ocert-2009-003.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html"
            },
            {
              "name": "34782",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34782"
            },
            {
              "name": "34367",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34367"
            },
            {
              "name": "MDVSA-2009:162",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162"
            },
            {
              "name": "RHSA-2009:0339",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2009-0339.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=487512"
            },
            {
              "name": "ADV-2009-0775",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/0775"
            },
            {
              "name": "34463",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34463"
            },
            {
              "name": "34408",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34408"
            },
            {
              "name": "DSA-1769",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2009/dsa-1769"
            },
            {
              "name": "34400",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34400"
            },
            {
              "name": "MDVSA-2009:121",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:121"
            },
            {
              "name": "20090320 LittleCMS vulnerabilities (OpenJDK, Firefox, GIMP, etc. impacted)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/502018/100/0/threaded"
            },
            {
              "name": "FEDORA-2009-2910",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00799.html"
            },
            {
              "name": "oval:org.mitre.oval:def:9742",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9742"
            },
            {
              "name": "34185",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/34185"
            },
            {
              "name": "GLSA-200904-19",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200904-19.xml"
            },
            {
              "name": "FEDORA-2009-2983",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00857.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-0733",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FEDORA-2009-2970",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00851.html"
                },
                {
                  "name": "littlecms-readsetofcurves-bo(49330)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49330"
                },
                {
                  "name": "MDVSA-2009:137",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137"
                },
                {
                  "name": "34632",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34632"
                },
                {
                  "name": "34450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34450"
                },
                {
                  "name": "1021869",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1021869"
                },
                {
                  "name": "FEDORA-2009-2928",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00811.html"
                },
                {
                  "name": "SUSE-SR:2009:007",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
                },
                {
                  "name": "USN-744-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-744-1"
                },
                {
                  "name": "DSA-1745",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2009/dsa-1745"
                },
                {
                  "name": "34675",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34675"
                },
                {
                  "name": "34454",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34454"
                },
                {
                  "name": "34442",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34442"
                },
                {
                  "name": "FEDORA-2009-2982",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00856.html"
                },
                {
                  "name": "FEDORA-2009-3034",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00921.html"
                },
                {
                  "name": "FEDORA-2009-2903",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00794.html"
                },
                {
                  "name": "http://scary.beasts.org/security/CESA-2009-003.html",
                  "refsource": "MISC",
                  "url": "http://scary.beasts.org/security/CESA-2009-003.html"
                },
                {
                  "name": "34382",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34382"
                },
                {
                  "name": "SSA:2009-083-01",
                  "refsource": "SLACKWARE",
                  "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.487438"
                },
                {
                  "name": "34418",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34418"
                },
                {
                  "name": "20090320 [oCERT-2009-003] LittleCMS integer errors",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/502031/100/0/threaded"
                },
                {
                  "name": "RHSA-2009:0377",
                  "refsource": "REDHAT",
                  "url": "https://rhn.redhat.com/errata/RHSA-2009-0377.html"
                },
                {
                  "name": "http://www.ocert.org/advisories/ocert-2009-003.html",
                  "refsource": "MISC",
                  "url": "http://www.ocert.org/advisories/ocert-2009-003.html"
                },
                {
                  "name": "http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html",
                  "refsource": "MISC",
                  "url": "http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html"
                },
                {
                  "name": "34782",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34782"
                },
                {
                  "name": "34367",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34367"
                },
                {
                  "name": "MDVSA-2009:162",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162"
                },
                {
                  "name": "RHSA-2009:0339",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2009-0339.html"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=487512",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=487512"
                },
                {
                  "name": "ADV-2009-0775",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/0775"
                },
                {
                  "name": "34463",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34463"
                },
                {
                  "name": "34408",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34408"
                },
                {
                  "name": "DSA-1769",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2009/dsa-1769"
                },
                {
                  "name": "34400",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34400"
                },
                {
                  "name": "MDVSA-2009:121",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:121"
                },
                {
                  "name": "20090320 LittleCMS vulnerabilities (OpenJDK, Firefox, GIMP, etc. impacted)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/502018/100/0/threaded"
                },
                {
                  "name": "FEDORA-2009-2910",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00799.html"
                },
                {
                  "name": "oval:org.mitre.oval:def:9742",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9742"
                },
                {
                  "name": "34185",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/34185"
                },
                {
                  "name": "GLSA-200904-19",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200904-19.xml"
                },
                {
                  "name": "FEDORA-2009-2983",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00857.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-0733",
        "datePublished": "2009-03-23T14:00:00.000Z",
        "dateReserved": "2009-02-25T00:00:00.000Z",
        "dateUpdated": "2024-08-07T04:48:51.638Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-0723 (GCVE-0-2009-0723)

    Vulnerability from nvd – Published: 2009-03-23 14:00 – Updated: 2024-08-07 04:48
    VLAI
    Summary
    Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/34632 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/34450 third-party-advisoryx_refsource_SECUNIA
    http://www.securitytracker.com/id?1021869 vdb-entryx_refsource_SECTRACK
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://www.ubuntu.com/usn/USN-744-1 vendor-advisoryx_refsource_UBUNTU
    http://www.debian.org/security/2009/dsa-1745 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/34675 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/34454 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/34442 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://scary.beasts.org/security/CESA-2009-003.html x_refsource_MISC
    http://secunia.com/advisories/34382 third-party-advisoryx_refsource_SECUNIA
    http://slackware.com/security/viewer.php?l=slackw… vendor-advisoryx_refsource_SLACKWARE
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    https://bugzilla.redhat.com/show_bug.cgi?id=487508 x_refsource_CONFIRM
    http://secunia.com/advisories/34418 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/502031/100… mailing-listx_refsource_BUGTRAQ
    https://rhn.redhat.com/errata/RHSA-2009-0377.html vendor-advisoryx_refsource_REDHAT
    http://www.ocert.org/advisories/ocert-2009-003.html x_refsource_MISC
    http://scarybeastsecurity.blogspot.com/2009/03/li… x_refsource_MISC
    http://secunia.com/advisories/34782 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/34367 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.redhat.com/support/errata/RHSA-2009-03… vendor-advisoryx_refsource_REDHAT
    http://www.vupen.com/english/advisories/2009/0775 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/34463 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/34408 third-party-advisoryx_refsource_SECUNIA
    http://www.debian.org/security/2009/dsa-1769 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/34400 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.securityfocus.com/archive/1/502018/100… mailing-listx_refsource_BUGTRAQ
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://www.securityfocus.com/bid/34185 vdb-entryx_refsource_BID
    http://security.gentoo.org/glsa/glsa-200904-19.xml vendor-advisoryx_refsource_GENTOO
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    Date Public
    2009-03-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T04:48:51.612Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2009-2970",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00851.html"
              },
              {
                "name": "MDVSA-2009:137",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137"
              },
              {
                "name": "34632",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34632"
              },
              {
                "name": "34450",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34450"
              },
              {
                "name": "1021869",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1021869"
              },
              {
                "name": "FEDORA-2009-2928",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00811.html"
              },
              {
                "name": "SUSE-SR:2009:007",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
              },
              {
                "name": "USN-744-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-744-1"
              },
              {
                "name": "DSA-1745",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2009/dsa-1745"
              },
              {
                "name": "34675",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34675"
              },
              {
                "name": "34454",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34454"
              },
              {
                "name": "34442",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34442"
              },
              {
                "name": "FEDORA-2009-2982",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00856.html"
              },
              {
                "name": "FEDORA-2009-3034",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00921.html"
              },
              {
                "name": "FEDORA-2009-2903",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00794.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://scary.beasts.org/security/CESA-2009-003.html"
              },
              {
                "name": "34382",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34382"
              },
              {
                "name": "SSA:2009-083-01",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.487438"
              },
              {
                "name": "littlecms-unspecified-bo(49326)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49326"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=487508"
              },
              {
                "name": "34418",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34418"
              },
              {
                "name": "20090320 [oCERT-2009-003] LittleCMS integer errors",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/502031/100/0/threaded"
              },
              {
                "name": "RHSA-2009:0377",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-0377.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ocert.org/advisories/ocert-2009-003.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html"
              },
              {
                "name": "34782",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34782"
              },
              {
                "name": "34367",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34367"
              },
              {
                "name": "MDVSA-2009:162",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162"
              },
              {
                "name": "RHSA-2009:0339",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2009-0339.html"
              },
              {
                "name": "ADV-2009-0775",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/0775"
              },
              {
                "name": "34463",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34463"
              },
              {
                "name": "34408",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34408"
              },
              {
                "name": "DSA-1769",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2009/dsa-1769"
              },
              {
                "name": "34400",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34400"
              },
              {
                "name": "oval:org.mitre.oval:def:11780",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11780"
              },
              {
                "name": "MDVSA-2009:121",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:121"
              },
              {
                "name": "20090320 LittleCMS vulnerabilities (OpenJDK, Firefox, GIMP, etc. impacted)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/502018/100/0/threaded"
              },
              {
                "name": "FEDORA-2009-2910",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00799.html"
              },
              {
                "name": "34185",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/34185"
              },
              {
                "name": "GLSA-200904-19",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200904-19.xml"
              },
              {
                "name": "FEDORA-2009-2983",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00857.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-03-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow.  NOTE: some of these details are obtained from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "FEDORA-2009-2970",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00851.html"
            },
            {
              "name": "MDVSA-2009:137",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137"
            },
            {
              "name": "34632",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34632"
            },
            {
              "name": "34450",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34450"
            },
            {
              "name": "1021869",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1021869"
            },
            {
              "name": "FEDORA-2009-2928",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00811.html"
            },
            {
              "name": "SUSE-SR:2009:007",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
            },
            {
              "name": "USN-744-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-744-1"
            },
            {
              "name": "DSA-1745",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2009/dsa-1745"
            },
            {
              "name": "34675",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34675"
            },
            {
              "name": "34454",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34454"
            },
            {
              "name": "34442",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34442"
            },
            {
              "name": "FEDORA-2009-2982",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00856.html"
            },
            {
              "name": "FEDORA-2009-3034",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00921.html"
            },
            {
              "name": "FEDORA-2009-2903",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00794.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://scary.beasts.org/security/CESA-2009-003.html"
            },
            {
              "name": "34382",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34382"
            },
            {
              "name": "SSA:2009-083-01",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.487438"
            },
            {
              "name": "littlecms-unspecified-bo(49326)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49326"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=487508"
            },
            {
              "name": "34418",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34418"
            },
            {
              "name": "20090320 [oCERT-2009-003] LittleCMS integer errors",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/502031/100/0/threaded"
            },
            {
              "name": "RHSA-2009:0377",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-0377.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ocert.org/advisories/ocert-2009-003.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html"
            },
            {
              "name": "34782",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34782"
            },
            {
              "name": "34367",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34367"
            },
            {
              "name": "MDVSA-2009:162",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162"
            },
            {
              "name": "RHSA-2009:0339",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2009-0339.html"
            },
            {
              "name": "ADV-2009-0775",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/0775"
            },
            {
              "name": "34463",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34463"
            },
            {
              "name": "34408",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34408"
            },
            {
              "name": "DSA-1769",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2009/dsa-1769"
            },
            {
              "name": "34400",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34400"
            },
            {
              "name": "oval:org.mitre.oval:def:11780",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11780"
            },
            {
              "name": "MDVSA-2009:121",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:121"
            },
            {
              "name": "20090320 LittleCMS vulnerabilities (OpenJDK, Firefox, GIMP, etc. impacted)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/502018/100/0/threaded"
            },
            {
              "name": "FEDORA-2009-2910",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00799.html"
            },
            {
              "name": "34185",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/34185"
            },
            {
              "name": "GLSA-200904-19",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200904-19.xml"
            },
            {
              "name": "FEDORA-2009-2983",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00857.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-0723",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow.  NOTE: some of these details are obtained from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FEDORA-2009-2970",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00851.html"
                },
                {
                  "name": "MDVSA-2009:137",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137"
                },
                {
                  "name": "34632",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34632"
                },
                {
                  "name": "34450",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34450"
                },
                {
                  "name": "1021869",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1021869"
                },
                {
                  "name": "FEDORA-2009-2928",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00811.html"
                },
                {
                  "name": "SUSE-SR:2009:007",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
                },
                {
                  "name": "USN-744-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-744-1"
                },
                {
                  "name": "DSA-1745",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2009/dsa-1745"
                },
                {
                  "name": "34675",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34675"
                },
                {
                  "name": "34454",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34454"
                },
                {
                  "name": "34442",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34442"
                },
                {
                  "name": "FEDORA-2009-2982",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00856.html"
                },
                {
                  "name": "FEDORA-2009-3034",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00921.html"
                },
                {
                  "name": "FEDORA-2009-2903",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00794.html"
                },
                {
                  "name": "http://scary.beasts.org/security/CESA-2009-003.html",
                  "refsource": "MISC",
                  "url": "http://scary.beasts.org/security/CESA-2009-003.html"
                },
                {
                  "name": "34382",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34382"
                },
                {
                  "name": "SSA:2009-083-01",
                  "refsource": "SLACKWARE",
                  "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.487438"
                },
                {
                  "name": "littlecms-unspecified-bo(49326)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49326"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=487508",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=487508"
                },
                {
                  "name": "34418",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34418"
                },
                {
                  "name": "20090320 [oCERT-2009-003] LittleCMS integer errors",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/502031/100/0/threaded"
                },
                {
                  "name": "RHSA-2009:0377",
                  "refsource": "REDHAT",
                  "url": "https://rhn.redhat.com/errata/RHSA-2009-0377.html"
                },
                {
                  "name": "http://www.ocert.org/advisories/ocert-2009-003.html",
                  "refsource": "MISC",
                  "url": "http://www.ocert.org/advisories/ocert-2009-003.html"
                },
                {
                  "name": "http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html",
                  "refsource": "MISC",
                  "url": "http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html"
                },
                {
                  "name": "34782",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34782"
                },
                {
                  "name": "34367",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34367"
                },
                {
                  "name": "MDVSA-2009:162",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162"
                },
                {
                  "name": "RHSA-2009:0339",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2009-0339.html"
                },
                {
                  "name": "ADV-2009-0775",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/0775"
                },
                {
                  "name": "34463",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34463"
                },
                {
                  "name": "34408",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34408"
                },
                {
                  "name": "DSA-1769",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2009/dsa-1769"
                },
                {
                  "name": "34400",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34400"
                },
                {
                  "name": "oval:org.mitre.oval:def:11780",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11780"
                },
                {
                  "name": "MDVSA-2009:121",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:121"
                },
                {
                  "name": "20090320 LittleCMS vulnerabilities (OpenJDK, Firefox, GIMP, etc. impacted)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/502018/100/0/threaded"
                },
                {
                  "name": "FEDORA-2009-2910",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00799.html"
                },
                {
                  "name": "34185",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/34185"
                },
                {
                  "name": "GLSA-200904-19",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200904-19.xml"
                },
                {
                  "name": "FEDORA-2009-2983",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00857.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-0723",
        "datePublished": "2009-03-23T14:00:00.000Z",
        "dateReserved": "2009-02-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T04:48:51.612Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-3879 (GCVE-0-2009-3879)

    Vulnerability from cvelistv5 – Published: 2009-11-09 19:00 – Updated: 2024-08-07 06:45
    VLAI
    Summary
    Multiple unspecified vulnerabilities in the (1) X11 and (2) Win32GraphicsDevice subsystems in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and attack vectors, related to failure to clone arrays that are returned by the getConfigurations function, aka Bug Id 6822057.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    https://bugzilla.redhat.com/show_bug.cgi?id=530297 x_refsource_CONFIRM
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://java.sun.com/javase/6/webnotes/6u17.html x_refsource_CONFIRM
    http://java.sun.com/j2se/1.5.0/ReleaseNotes.html x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-11-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:45:50.627Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "oval:org.mitre.oval:def:7545",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7545"
              },
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530297"
              },
              {
                "name": "oval:org.mitre.oval:def:9568",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9568"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
              },
              {
                "name": "MDVSA-2010:084",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-11-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in the (1) X11 and (2) Win32GraphicsDevice subsystems in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and attack vectors, related to failure to clone arrays that are returned by the getConfigurations function, aka Bug Id 6822057."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "oval:org.mitre.oval:def:7545",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7545"
            },
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530297"
            },
            {
              "name": "oval:org.mitre.oval:def:9568",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9568"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
            },
            {
              "name": "MDVSA-2010:084",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-3879",
        "datePublished": "2009-11-09T19:00:00.000Z",
        "dateReserved": "2009-11-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:45:50.627Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-3884 (GCVE-0-2009-3884)

    Vulnerability from cvelistv5 – Published: 2009-11-09 19:00 – Updated: 2024-08-07 06:45
    VLAI
    Summary
    The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local files via vectors related to handling of zoneinfo (aka tz) files, aka Bug Id 6824265.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://bugzilla.redhat.com/show_bug.cgi?id=530300 x_refsource_CONFIRM
    http://support.apple.com/kb/HT3970 x_refsource_CONFIRM
    http://support.apple.com/kb/HT3969 x_refsource_CONFIRM
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    http://secunia.com/advisories/37581 third-party-advisoryx_refsource_SECUNIA
    http://java.sun.com/javase/6/webnotes/6u17.html x_refsource_CONFIRM
    http://java.sun.com/j2se/1.5.0/ReleaseNotes.html x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-11-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:45:50.924Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530300"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.apple.com/kb/HT3970"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.apple.com/kb/HT3969"
              },
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "name": "APPLE-SA-2009-12-03-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html"
              },
              {
                "name": "oval:org.mitre.oval:def:11686",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11686"
              },
              {
                "name": "oval:org.mitre.oval:def:6960",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6960"
              },
              {
                "name": "APPLE-SA-2009-12-03-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html"
              },
              {
                "name": "37581",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37581"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
              },
              {
                "name": "MDVSA-2010:084",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-11-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local files via vectors related to handling of zoneinfo (aka tz) files, aka Bug Id 6824265."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530300"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.apple.com/kb/HT3970"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.apple.com/kb/HT3969"
            },
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "name": "APPLE-SA-2009-12-03-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html"
            },
            {
              "name": "oval:org.mitre.oval:def:11686",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11686"
            },
            {
              "name": "oval:org.mitre.oval:def:6960",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6960"
            },
            {
              "name": "APPLE-SA-2009-12-03-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html"
            },
            {
              "name": "37581",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37581"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
            },
            {
              "name": "MDVSA-2010:084",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-3884",
        "datePublished": "2009-11-09T19:00:00.000Z",
        "dateReserved": "2009-11-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:45:50.924Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-3881 (GCVE-0-2009-3881)

    Vulnerability from cvelistv5 – Published: 2009-11-09 19:00 – Updated: 2024-08-07 06:45
    VLAI
    Summary
    Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not prevent the existence of children of a resurrected ClassLoader, which allows remote attackers to gain privileges via unspecified vectors, related to an "information leak vulnerability," aka Bug Id 6636650.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://bugzilla.redhat.com/show_bug.cgi?id=530173 x_refsource_CONFIRM
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://java.sun.com/javase/6/webnotes/6u17.html x_refsource_CONFIRM
    http://java.sun.com/j2se/1.5.0/ReleaseNotes.html x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-11-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:45:50.425Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "oval:org.mitre.oval:def:11484",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11484"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530173"
              },
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "name": "oval:org.mitre.oval:def:6906",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6906"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
              },
              {
                "name": "MDVSA-2010:084",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-11-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not prevent the existence of children of a resurrected ClassLoader, which allows remote attackers to gain privileges via unspecified vectors, related to an \"information leak vulnerability,\" aka Bug Id 6636650."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "oval:org.mitre.oval:def:11484",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11484"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530173"
            },
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "name": "oval:org.mitre.oval:def:6906",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6906"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
            },
            {
              "name": "MDVSA-2010:084",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-3881",
        "datePublished": "2009-11-09T19:00:00.000Z",
        "dateReserved": "2009-11-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:45:50.425Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-3728 (GCVE-0-2009-3728)

    Vulnerability from cvelistv5 – Published: 2009-11-09 19:00 – Updated: 2024-08-07 06:38
    VLAI
    Summary
    Directory traversal vulnerability in the ICC_Profile.getInstance method in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local International Color Consortium (ICC) profile files via a .. (dot dot) in a pathname, aka Bug Id 6631533.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://support.apple.com/kb/HT3970 x_refsource_CONFIRM
    http://support.apple.com/kb/HT3969 x_refsource_CONFIRM
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    http://secunia.com/advisories/37581 third-party-advisoryx_refsource_SECUNIA
    http://java.sun.com/javase/6/webnotes/6u17.html x_refsource_CONFIRM
    http://java.sun.com/j2se/1.5.0/ReleaseNotes.html x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    https://bugzilla.redhat.com/show_bug.cgi?id=530098 x_refsource_CONFIRM
    Date Public
    2009-11-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:38:30.469Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "oval:org.mitre.oval:def:6657",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6657"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.apple.com/kb/HT3970"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.apple.com/kb/HT3969"
              },
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "name": "oval:org.mitre.oval:def:10520",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10520"
              },
              {
                "name": "APPLE-SA-2009-12-03-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html"
              },
              {
                "name": "APPLE-SA-2009-12-03-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html"
              },
              {
                "name": "37581",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37581"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
              },
              {
                "name": "MDVSA-2010:084",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530098"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-11-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in the ICC_Profile.getInstance method in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local International Color Consortium (ICC) profile files via a .. (dot dot) in a pathname, aka Bug Id 6631533."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "oval:org.mitre.oval:def:6657",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6657"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.apple.com/kb/HT3970"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.apple.com/kb/HT3969"
            },
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "name": "oval:org.mitre.oval:def:10520",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10520"
            },
            {
              "name": "APPLE-SA-2009-12-03-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html"
            },
            {
              "name": "APPLE-SA-2009-12-03-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html"
            },
            {
              "name": "37581",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37581"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
            },
            {
              "name": "MDVSA-2010:084",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530098"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-3728",
        "datePublished": "2009-11-09T19:00:00.000Z",
        "dateReserved": "2009-10-16T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:38:30.469Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-3882 (GCVE-0-2009-3882)

    Vulnerability from cvelistv5 – Published: 2009-11-09 19:00 – Updated: 2024-08-07 06:45
    VLAI
    Summary
    Multiple unspecified vulnerabilities in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to "information leaks in mutable variables," aka Bug Id 6657026.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    https://bugzilla.redhat.com/show_bug.cgi?id=530175 x_refsource_CONFIRM
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://java.sun.com/javase/6/webnotes/6u17.html x_refsource_CONFIRM
    http://java.sun.com/j2se/1.5.0/ReleaseNotes.html x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    Date Public
    2009-11-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:45:50.908Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530175"
              },
              {
                "name": "oval:org.mitre.oval:def:8841",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8841"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
              },
              {
                "name": "MDVSA-2010:084",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              },
              {
                "name": "oval:org.mitre.oval:def:7300",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7300"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-11-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to \"information leaks in mutable variables,\" aka Bug Id 6657026."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530175"
            },
            {
              "name": "oval:org.mitre.oval:def:8841",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8841"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
            },
            {
              "name": "MDVSA-2010:084",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            },
            {
              "name": "oval:org.mitre.oval:def:7300",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7300"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-3882",
        "datePublished": "2009-11-09T19:00:00.000Z",
        "dateReserved": "2009-11-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:45:50.908Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-3883 (GCVE-0-2009-3883)

    Vulnerability from cvelistv5 – Published: 2009-11-09 19:00 – Updated: 2024-08-07 06:45
    VLAI
    Summary
    Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL&F) feature in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to "information leaks in mutable variables," aka Bug Id 6657138.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://bugzilla.redhat.com/show_bug.cgi?id=530175 x_refsource_CONFIRM
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://java.sun.com/javase/6/webnotes/6u17.html x_refsource_CONFIRM
    http://java.sun.com/j2se/1.5.0/ReleaseNotes.html x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-11-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:45:50.514Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "name": "oval:org.mitre.oval:def:10191",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10191"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530175"
              },
              {
                "name": "oval:org.mitre.oval:def:6968",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6968"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
              },
              {
                "name": "MDVSA-2010:084",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-11-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL\u0026F) feature in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to \"information leaks in mutable variables,\" aka Bug Id 6657138."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "name": "oval:org.mitre.oval:def:10191",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10191"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530175"
            },
            {
              "name": "oval:org.mitre.oval:def:6968",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6968"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
            },
            {
              "name": "MDVSA-2010:084",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-3883",
        "datePublished": "2009-11-09T19:00:00.000Z",
        "dateReserved": "2009-11-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:45:50.514Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-3880 (GCVE-0-2009-3880)

    Vulnerability from cvelistv5 – Published: 2009-11-09 19:00 – Updated: 2024-08-07 06:45
    VLAI
    Summary
    The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not properly restrict the objects that may be sent to loggers, which allows attackers to obtain sensitive information via vectors related to the implementation of Component, KeyboardFocusManager, and DefaultKeyboardFocusManager, aka Bug Id 6664512.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    https://bugzilla.redhat.com/show_bug.cgi?id=530296 x_refsource_CONFIRM
    http://java.sun.com/javase/6/webnotes/6u17.html x_refsource_CONFIRM
    http://java.sun.com/j2se/1.5.0/ReleaseNotes.html x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-11-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:45:50.096Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "oval:org.mitre.oval:def:7316",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7316"
              },
              {
                "name": "oval:org.mitre.oval:def:10761",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10761"
              },
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530296"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
              },
              {
                "name": "MDVSA-2010:084",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-11-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not properly restrict the objects that may be sent to loggers, which allows attackers to obtain sensitive information via vectors related to the implementation of Component, KeyboardFocusManager, and DefaultKeyboardFocusManager, aka Bug Id 6664512."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "oval:org.mitre.oval:def:7316",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7316"
            },
            {
              "name": "oval:org.mitre.oval:def:10761",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10761"
            },
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530296"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
            },
            {
              "name": "MDVSA-2010:084",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-3880",
        "datePublished": "2009-11-09T19:00:00.000Z",
        "dateReserved": "2009-11-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:45:50.096Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-1896 (GCVE-0-2009-1896)

    Vulnerability from cvelistv5 – Published: 2009-08-10 18:00 – Updated: 2024-08-07 05:27
    VLAI
    Summary
    The Java Web Start framework in IcedTea in OpenJDK before 1.6.0.0-20.b16.fc10 on Fedora 10, and before 1.6.0.0-27.b16.fc11 on Fedora 11, trusts an entire application when at least one of the listed jar files is trusted, which allows context-dependent attackers to execute arbitrary code without the untrusted-code restrictions via a crafted application, related to NetX.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://bugzilla.redhat.com/show_bug.cgi?id=512101 x_refsource_CONFIRM
    http://secunia.com/advisories/36162 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    Date Public
    2009-08-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:27:54.834Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512101"
              },
              {
                "name": "36162",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36162"
              },
              {
                "name": "MDVSA-2009:209",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
              },
              {
                "name": "FEDORA-2009-8329",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
              },
              {
                "name": "FEDORA-2009-8337",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-08-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Java Web Start framework in IcedTea in OpenJDK before 1.6.0.0-20.b16.fc10 on Fedora 10, and before 1.6.0.0-27.b16.fc11 on Fedora 11, trusts an entire application when at least one of the listed jar files is trusted, which allows context-dependent attackers to execute arbitrary code without the untrusted-code restrictions via a crafted application, related to NetX."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-08-26T09:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512101"
            },
            {
              "name": "36162",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36162"
            },
            {
              "name": "MDVSA-2009:209",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
            },
            {
              "name": "FEDORA-2009-8329",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
            },
            {
              "name": "FEDORA-2009-8337",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-1896",
        "datePublished": "2009-08-10T18:00:00.000Z",
        "dateReserved": "2009-06-02T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:27:54.834Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-2475 (GCVE-0-2009-2475)

    Vulnerability from cvelistv5 – Published: 2009-08-10 18:00 – Updated: 2024-08-07 05:52
    VLAI
    Summary
    Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to (1) LayoutQueue, (2) Cursor.predefined, (3) AccessibleResourceBundle.getContents, (4) ImageReaderSpi.STANDARD_INPUT_TYPE, (5) ImageWriterSpi.STANDARD_OUTPUT_TYPE, (6) the imageio plugins, (7) DnsContext.debug, (8) RmfFileReader/StandardMidiFileWriter.types, (9) AbstractSaslImpl.logger, (10) Synth.Region.uiToRegionMap/lowerCaseNameMap, (11) the Introspector class and a cache of BeanInfo, and (12) JAX-WS, a different vulnerability than CVE-2009-2673.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://rhn.redhat.com/errata/RHSA-2009-1200.html vendor-advisoryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=513215 x_refsource_CONFIRM
    https://rhn.redhat.com/errata/RHSA-2009-1199.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/36162 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2009/2543 vdb-entryx_refsource_VUPEN
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/36199 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://java.sun.com/javase/6/webnotes/6u15.html x_refsource_CONFIRM
    http://secunia.com/advisories/36180 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… x_refsource_CONFIRM
    http://secunia.com/advisories/36176 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://java.sun.com/j2se/1.5.0/ReleaseNotes.html x_refsource_CONFIRM
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    https://rhn.redhat.com/errata/RHSA-2009-1201.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-08-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:52:14.899Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2009:1200",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513215"
              },
              {
                "name": "RHSA-2009:1199",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-1199.html"
              },
              {
                "name": "36162",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36162"
              },
              {
                "name": "ADV-2009-2543",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/2543"
              },
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "name": "36199",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36199"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1"
              },
              {
                "name": "MDVSA-2009:209",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
              },
              {
                "name": "FEDORA-2009-8329",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
              },
              {
                "name": "36180",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36180"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1"
              },
              {
                "name": "36176",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36176"
              },
              {
                "name": "FEDORA-2009-8337",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
              },
              {
                "name": "SUSE-SR:2009:016",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
              },
              {
                "name": "oval:org.mitre.oval:def:10221",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10221"
              },
              {
                "name": "APPLE-SA-2009-09-03-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
              },
              {
                "name": "RHSA-2009:1201",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-08-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to (1) LayoutQueue, (2) Cursor.predefined, (3) AccessibleResourceBundle.getContents, (4) ImageReaderSpi.STANDARD_INPUT_TYPE, (5) ImageWriterSpi.STANDARD_OUTPUT_TYPE, (6) the imageio plugins, (7) DnsContext.debug, (8) RmfFileReader/StandardMidiFileWriter.types, (9) AbstractSaslImpl.logger, (10) Synth.Region.uiToRegionMap/lowerCaseNameMap, (11) the Introspector class and a cache of BeanInfo, and (12) JAX-WS, a different vulnerability than CVE-2009-2673."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2009:1200",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513215"
            },
            {
              "name": "RHSA-2009:1199",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-1199.html"
            },
            {
              "name": "36162",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36162"
            },
            {
              "name": "ADV-2009-2543",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/2543"
            },
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "name": "36199",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36199"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1"
            },
            {
              "name": "MDVSA-2009:209",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
            },
            {
              "name": "FEDORA-2009-8329",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
            },
            {
              "name": "36180",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36180"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1"
            },
            {
              "name": "36176",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36176"
            },
            {
              "name": "FEDORA-2009-8337",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
            },
            {
              "name": "SUSE-SR:2009:016",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
            },
            {
              "name": "oval:org.mitre.oval:def:10221",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10221"
            },
            {
              "name": "APPLE-SA-2009-09-03-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
            },
            {
              "name": "RHSA-2009:1201",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-2475",
        "datePublished": "2009-08-10T18:00:00.000Z",
        "dateReserved": "2009-07-15T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:52:14.899Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-2689 (GCVE-0-2009-2689)

    Vulnerability from cvelistv5 – Published: 2009-08-10 18:00 – Updated: 2024-08-07 05:59
    VLAI
    Summary
    JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://rhn.redhat.com/errata/RHSA-2009-1199.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/36162 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2009/2543 vdb-entryx_refsource_VUPEN
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/36199 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://java.sun.com/javase/6/webnotes/6u15.html x_refsource_CONFIRM
    http://secunia.com/advisories/36180 third-party-advisoryx_refsource_SECUNIA
    http://sunsolve.sun.com/search/document.do?assetk… x_refsource_CONFIRM
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    https://bugzilla.redhat.com/show_bug.cgi?id=513222 x_refsource_CONFIRM
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://java.sun.com/j2se/1.5.0/ReleaseNotes.html x_refsource_CONFIRM
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    https://rhn.redhat.com/errata/RHSA-2009-1201.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-08-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:59:56.241Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2009:1199",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-1199.html"
              },
              {
                "name": "36162",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36162"
              },
              {
                "name": "ADV-2009-2543",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/2543"
              },
              {
                "name": "oval:org.mitre.oval:def:9603",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9603"
              },
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "name": "36199",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36199"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1"
              },
              {
                "name": "MDVSA-2009:209",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
              },
              {
                "name": "FEDORA-2009-8329",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
              },
              {
                "name": "36180",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36180"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1"
              },
              {
                "name": "FEDORA-2009-8337",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513222"
              },
              {
                "name": "SUSE-SR:2009:016",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
              },
              {
                "name": "APPLE-SA-2009-09-03-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
              },
              {
                "name": "RHSA-2009:1201",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-08-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2009:1199",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-1199.html"
            },
            {
              "name": "36162",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36162"
            },
            {
              "name": "ADV-2009-2543",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/2543"
            },
            {
              "name": "oval:org.mitre.oval:def:9603",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9603"
            },
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "name": "36199",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36199"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1"
            },
            {
              "name": "MDVSA-2009:209",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
            },
            {
              "name": "FEDORA-2009-8329",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
            },
            {
              "name": "36180",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36180"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1"
            },
            {
              "name": "FEDORA-2009-8337",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513222"
            },
            {
              "name": "SUSE-SR:2009:016",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
            },
            {
              "name": "APPLE-SA-2009-09-03-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
            },
            {
              "name": "RHSA-2009:1201",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-2689",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2009:1199",
                  "refsource": "REDHAT",
                  "url": "https://rhn.redhat.com/errata/RHSA-2009-1199.html"
                },
                {
                  "name": "36162",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/36162"
                },
                {
                  "name": "ADV-2009-2543",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/2543"
                },
                {
                  "name": "oval:org.mitre.oval:def:9603",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9603"
                },
                {
                  "name": "GLSA-200911-02",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
                },
                {
                  "name": "36199",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/36199"
                },
                {
                  "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1",
                  "refsource": "CONFIRM",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1"
                },
                {
                  "name": "MDVSA-2009:209",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
                },
                {
                  "name": "FEDORA-2009-8329",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
                },
                {
                  "name": "http://java.sun.com/javase/6/webnotes/6u15.html",
                  "refsource": "CONFIRM",
                  "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
                },
                {
                  "name": "36180",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/36180"
                },
                {
                  "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1",
                  "refsource": "CONFIRM",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1"
                },
                {
                  "name": "FEDORA-2009-8337",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=513222",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513222"
                },
                {
                  "name": "SUSE-SR:2009:016",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
                },
                {
                  "name": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html",
                  "refsource": "CONFIRM",
                  "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
                },
                {
                  "name": "APPLE-SA-2009-09-03-1",
                  "refsource": "APPLE",
                  "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
                },
                {
                  "name": "RHSA-2009:1201",
                  "refsource": "REDHAT",
                  "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
                },
                {
                  "name": "37386",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37386"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-2689",
        "datePublished": "2009-08-10T18:00:00.000Z",
        "dateReserved": "2009-08-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:59:56.241Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-2476 (GCVE-0-2009-2476)

    Vulnerability from cvelistv5 – Published: 2009-08-10 18:00 – Updated: 2024-08-07 05:52
    VLAI
    Summary
    The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by leveraging finalizer resurrection to obtain a reference to a privileged object.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://bugzilla.redhat.com/show_bug.cgi?id=513220 x_refsource_CONFIRM
    https://rhn.redhat.com/errata/RHSA-2009-1200.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/36162 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2009/2543 vdb-entryx_refsource_VUPEN
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    http://sunsolve.sun.com/search/document.do?assetk… x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://java.sun.com/javase/6/webnotes/6u15.html x_refsource_CONFIRM
    http://secunia.com/advisories/36180 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/36176 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    https://rhn.redhat.com/errata/RHSA-2009-1201.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-08-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:52:15.055Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513220"
              },
              {
                "name": "RHSA-2009:1200",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html"
              },
              {
                "name": "36162",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36162"
              },
              {
                "name": "ADV-2009-2543",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/2543"
              },
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1"
              },
              {
                "name": "MDVSA-2009:209",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
              },
              {
                "name": "FEDORA-2009-8329",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
              },
              {
                "name": "oval:org.mitre.oval:def:10381",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10381"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
              },
              {
                "name": "36180",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36180"
              },
              {
                "name": "36176",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36176"
              },
              {
                "name": "FEDORA-2009-8337",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
              },
              {
                "name": "SUSE-SR:2009:016",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
              },
              {
                "name": "APPLE-SA-2009-09-03-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
              },
              {
                "name": "RHSA-2009:1201",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-08-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by leveraging finalizer resurrection to obtain a reference to a privileged object."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513220"
            },
            {
              "name": "RHSA-2009:1200",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html"
            },
            {
              "name": "36162",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36162"
            },
            {
              "name": "ADV-2009-2543",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/2543"
            },
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1"
            },
            {
              "name": "MDVSA-2009:209",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
            },
            {
              "name": "FEDORA-2009-8329",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
            },
            {
              "name": "oval:org.mitre.oval:def:10381",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10381"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
            },
            {
              "name": "36180",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36180"
            },
            {
              "name": "36176",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36176"
            },
            {
              "name": "FEDORA-2009-8337",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
            },
            {
              "name": "SUSE-SR:2009:016",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
            },
            {
              "name": "APPLE-SA-2009-09-03-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
            },
            {
              "name": "RHSA-2009:1201",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-2476",
        "datePublished": "2009-08-10T18:00:00.000Z",
        "dateReserved": "2009-07-15T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:52:15.055Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-2690 (GCVE-0-2009-2690)

    Vulnerability from cvelistv5 – Published: 2009-08-10 18:00 – Updated: 2024-08-07 05:59
    VLAI
    Summary
    The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted (1) applet or (2) application.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://rhn.redhat.com/errata/RHSA-2009-1200.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/36162 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2009/2543 vdb-entryx_refsource_VUPEN
    http://security.gentoo.org/glsa/glsa-200911-02.xml vendor-advisoryx_refsource_GENTOO
    http://sunsolve.sun.com/search/document.do?assetk… x_refsource_CONFIRM
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://bugzilla.redhat.com/show_bug.cgi?id=513223 x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://java.sun.com/javase/6/webnotes/6u15.html x_refsource_CONFIRM
    http://secunia.com/advisories/36180 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/36176 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    https://rhn.redhat.com/errata/RHSA-2009-1201.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/37386 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-08-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:59:56.702Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2009:1200",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html"
              },
              {
                "name": "36162",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36162"
              },
              {
                "name": "ADV-2009-2543",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/2543"
              },
              {
                "name": "GLSA-200911-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1"
              },
              {
                "name": "oval:org.mitre.oval:def:9443",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9443"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513223"
              },
              {
                "name": "MDVSA-2009:209",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
              },
              {
                "name": "FEDORA-2009-8329",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
              },
              {
                "name": "36180",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36180"
              },
              {
                "name": "36176",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36176"
              },
              {
                "name": "FEDORA-2009-8337",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
              },
              {
                "name": "SUSE-SR:2009:016",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
              },
              {
                "name": "APPLE-SA-2009-09-03-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
              },
              {
                "name": "RHSA-2009:1201",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
              },
              {
                "name": "37386",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37386"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-08-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted (1) applet or (2) application."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-18T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2009:1200",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html"
            },
            {
              "name": "36162",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36162"
            },
            {
              "name": "ADV-2009-2543",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/2543"
            },
            {
              "name": "GLSA-200911-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1"
            },
            {
              "name": "oval:org.mitre.oval:def:9443",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9443"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513223"
            },
            {
              "name": "MDVSA-2009:209",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
            },
            {
              "name": "FEDORA-2009-8329",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
            },
            {
              "name": "36180",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36180"
            },
            {
              "name": "36176",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36176"
            },
            {
              "name": "FEDORA-2009-8337",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
            },
            {
              "name": "SUSE-SR:2009:016",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
            },
            {
              "name": "APPLE-SA-2009-09-03-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
            },
            {
              "name": "RHSA-2009:1201",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
            },
            {
              "name": "37386",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37386"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-2690",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted (1) applet or (2) application."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2009:1200",
                  "refsource": "REDHAT",
                  "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html"
                },
                {
                  "name": "36162",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/36162"
                },
                {
                  "name": "ADV-2009-2543",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/2543"
                },
                {
                  "name": "GLSA-200911-02",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
                },
                {
                  "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1",
                  "refsource": "CONFIRM",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1"
                },
                {
                  "name": "oval:org.mitre.oval:def:9443",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9443"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=513223",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513223"
                },
                {
                  "name": "MDVSA-2009:209",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
                },
                {
                  "name": "FEDORA-2009-8329",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
                },
                {
                  "name": "http://java.sun.com/javase/6/webnotes/6u15.html",
                  "refsource": "CONFIRM",
                  "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
                },
                {
                  "name": "36180",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/36180"
                },
                {
                  "name": "36176",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/36176"
                },
                {
                  "name": "FEDORA-2009-8337",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
                },
                {
                  "name": "SUSE-SR:2009:016",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
                },
                {
                  "name": "APPLE-SA-2009-09-03-1",
                  "refsource": "APPLE",
                  "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
                },
                {
                  "name": "RHSA-2009:1201",
                  "refsource": "REDHAT",
                  "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
                },
                {
                  "name": "37386",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37386"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-2690",
        "datePublished": "2009-08-10T18:00:00.000Z",
        "dateReserved": "2009-08-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:59:56.702Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-0794 (GCVE-0-2009-0794)

    Vulnerability from cvelistv5 – Published: 2009-04-13 16:00 – Updated: 2024-08-07 04:48
    VLAI
    Summary
    Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLine.java in Pulse-Java, as used in OpenJDK 1.6.0.0 and other products, allows remote attackers to cause a denial of service (applet crash) via a crafted Pulse Audio source data line.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/34623 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2009/0965 vdb-entryx_refsource_VUPEN
    https://bugzilla.redhat.com/show_bug.cgi?id=492367 x_refsource_CONFIRM
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://mail.openjdk.java.net/pipermail/distro-pkg… mailing-listx_refsource_MLIST
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    Date Public
    2009-04-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T04:48:51.876Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "MDVSA-2009:137",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137"
              },
              {
                "name": "34623",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34623"
              },
              {
                "name": "pulsejava--pulseaudiotargetdatal-dos(50383)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50383"
              },
              {
                "name": "ADV-2009-0965",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/0965"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492367"
              },
              {
                "name": "FEDORA-2009-3426",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00204.html"
              },
              {
                "name": "MDVSA-2009:162",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162"
              },
              {
                "name": "[distro-pkg-dev] 20090211 changeset in /hg/icedtea6: 2009-02-11 Omair Majid \u003comajid at redh...",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2009-February/004729.html"
              },
              {
                "name": "FEDORA-2009-3425",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00203.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-04-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLine.java in Pulse-Java, as used in OpenJDK 1.6.0.0 and other products, allows remote attackers to cause a denial of service (applet crash) via a crafted Pulse Audio source data line."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "MDVSA-2009:137",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137"
            },
            {
              "name": "34623",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34623"
            },
            {
              "name": "pulsejava--pulseaudiotargetdatal-dos(50383)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50383"
            },
            {
              "name": "ADV-2009-0965",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/0965"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492367"
            },
            {
              "name": "FEDORA-2009-3426",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00204.html"
            },
            {
              "name": "MDVSA-2009:162",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162"
            },
            {
              "name": "[distro-pkg-dev] 20090211 changeset in /hg/icedtea6: 2009-02-11 Omair Majid \u003comajid at redh...",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2009-February/004729.html"
            },
            {
              "name": "FEDORA-2009-3425",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00203.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-0794",
        "datePublished": "2009-04-13T16:00:00.000Z",
        "dateReserved": "2009-03-04T00:00:00.000Z",
        "dateUpdated": "2024-08-07T04:48:51.876Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-0793 (GCVE-0-2009-0793)

    Vulnerability from cvelistv5 – Published: 2009-04-09 15:00 – Updated: 2024-08-07 04:48
    VLAI
    Summary
    cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/34635 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/34632 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/34623 third-party-advisoryx_refsource_SECUNIA
    http://www.ubuntu.com/usn/USN-1043-1 vendor-advisoryx_refsource_UBUNTU
    http://secunia.com/advisories/34675 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2009/0964 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/35048 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    https://rhn.redhat.com/errata/RHSA-2009-0377.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/34782 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2011/0087 vdb-entryx_refsource_VUPEN
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://www.securityfocus.com/bid/34411 vdb-entryx_refsource_BID
    https://bugzilla.redhat.com/show_bug.cgi?id=492353 x_refsource_CONFIRM
    http://www.securityfocus.com/bid/34420 vdb-entryx_refsource_BID
    http://www.debian.org/security/2009/dsa-1769 vendor-advisoryx_refsource_DEBIAN
    http://www.vupen.com/english/advisories/2009/0963 vdb-entryx_refsource_VUPEN
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/34634 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://secunia.com/advisories/42870 third-party-advisoryx_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-200904-19.xml vendor-advisoryx_refsource_GENTOO
    Date Public
    2009-04-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T04:48:51.902Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "MDVSA-2009:137",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137"
              },
              {
                "name": "34635",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34635"
              },
              {
                "name": "34632",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34632"
              },
              {
                "name": "FEDORA-2009-3914",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00233.html"
              },
              {
                "name": "34623",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34623"
              },
              {
                "name": "USN-1043-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-1043-1"
              },
              {
                "name": "34675",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34675"
              },
              {
                "name": "ADV-2009-0964",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/0964"
              },
              {
                "name": "35048",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35048"
              },
              {
                "name": "FEDORA-2009-3426",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00204.html"
              },
              {
                "name": "RHSA-2009:0377",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://rhn.redhat.com/errata/RHSA-2009-0377.html"
              },
              {
                "name": "34782",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34782"
              },
              {
                "name": "ADV-2011-0087",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0087"
              },
              {
                "name": "oval:org.mitre.oval:def:11340",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11340"
              },
              {
                "name": "MDVSA-2009:162",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162"
              },
              {
                "name": "FEDORA-2009-3425",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00203.html"
              },
              {
                "name": "34411",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/34411"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492353"
              },
              {
                "name": "34420",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/34420"
              },
              {
                "name": "DSA-1769",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2009/dsa-1769"
              },
              {
                "name": "ADV-2009-0963",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/0963"
              },
              {
                "name": "FEDORA-2009-3967",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00285.html"
              },
              {
                "name": "34634",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34634"
              },
              {
                "name": "MDVSA-2009:121",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:121"
              },
              {
                "name": "42870",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/42870"
              },
              {
                "name": "GLSA-200904-19",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200904-19.xml"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-04-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for \"transformations of monochrome profiles.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "MDVSA-2009:137",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:137"
            },
            {
              "name": "34635",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34635"
            },
            {
              "name": "34632",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34632"
            },
            {
              "name": "FEDORA-2009-3914",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00233.html"
            },
            {
              "name": "34623",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34623"
            },
            {
              "name": "USN-1043-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1043-1"
            },
            {
              "name": "34675",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34675"
            },
            {
              "name": "ADV-2009-0964",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/0964"
            },
            {
              "name": "35048",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35048"
            },
            {
              "name": "FEDORA-2009-3426",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00204.html"
            },
            {
              "name": "RHSA-2009:0377",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://rhn.redhat.com/errata/RHSA-2009-0377.html"
            },
            {
              "name": "34782",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34782"
            },
            {
              "name": "ADV-2011-0087",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0087"
            },
            {
              "name": "oval:org.mitre.oval:def:11340",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11340"
            },
            {
              "name": "MDVSA-2009:162",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:162"
            },
            {
              "name": "FEDORA-2009-3425",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00203.html"
            },
            {
              "name": "34411",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/34411"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492353"
            },
            {
              "name": "34420",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/34420"
            },
            {
              "name": "DSA-1769",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2009/dsa-1769"
            },
            {
              "name": "ADV-2009-0963",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/0963"
            },
            {
              "name": "FEDORA-2009-3967",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00285.html"
            },
            {
              "name": "34634",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34634"
            },
            {
              "name": "MDVSA-2009:121",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:121"
            },
            {
              "name": "42870",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/42870"
            },
            {
              "name": "GLSA-200904-19",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200904-19.xml"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-0793",
        "datePublished": "2009-04-09T15:00:00.000Z",
        "dateReserved": "2009-03-04T00:00:00.000Z",
        "dateUpdated": "2024-08-07T04:48:51.902Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }