VAR-200906-0281
Vulnerability from variot - Updated: 2025-04-10 23:16The Aqua Look and Feel for Java implementation in Java 1.5 on Mac OS X 10.5 allows remote attackers to execute arbitrary code via a call to the undocumented apple.laf.CColourUIResource constructor with a crafted value in the first argument, which is dereferenced as a pointer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.The specific flaw exists in the undocumented apple.laf.CColourUIResource(long, int, int ,int, int) constructor. When passing a long integer value as the first argument, the value is interpreted as pointer to an Objective-C object. By constructing a special memory structure and passing the pointer to the first argument an attacker may execute arbitrary code. Sun Java Runtime Environment (JRE) is prone to a privilege-escalation vulnerability. This issue affects JRE 1.5 running on Mac OS X 10.5. NOTE: This BID is being retied because the vulnerability was previously documented in BID 35381 (Sun Java Runtime Environment Aqua Look and Feel Privilege Escalation Vulnerability). The Aqua Look and Feel interface package implemented by Java does not correctly verify the parameters passed to the apple.laf.CColourUIResource(long, int, int ,int, int) constructor, if a super long integer is passed to the first parameter value, which is interpreted as a pointer to an Objective-C object. ZDI-09-043: Apple Java CColorUIResource Pointer Derference Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-043 June 16, 2009
-- CVE ID: CVE-2009-1719
-- Affected Vendors: Apple
-- Affected Products: Apple Java
-- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 6800.
-- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at:
http://support.apple.com/kb/HT3632
-- Disclosure Timeline: 2009-01-26 - Vulnerability reported to vendor 2009-06-16 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Anonymous
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200906-0281",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jre 1.5.0 12",
"scope": null,
"trust": 1.8,
"vendor": "sun",
"version": null
},
{
"model": "jre 04",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 1.5.0 11",
"scope": null,
"trust": 1.8,
"vendor": "sun",
"version": null
},
{
"model": "jre 06",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 1.5.0 14",
"scope": null,
"trust": 1.8,
"vendor": "sun",
"version": null
},
{
"model": "jre 02",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 1.5.0 10",
"scope": null,
"trust": 1.8,
"vendor": "sun",
"version": null
},
{
"model": "jre 05",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 1.5.0 17",
"scope": null,
"trust": 1.8,
"vendor": "sun",
"version": null
},
{
"model": "jre 03",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 1.5.0 13",
"scope": null,
"trust": 1.8,
"vendor": "sun",
"version": null
},
{
"model": "jre",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 1.5.0.0 08",
"scope": null,
"trust": 1.2,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.5.0.0 07",
"scope": null,
"trust": 1.2,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.5.0.0 09",
"scope": null,
"trust": 1.2,
"vendor": "sun",
"version": null
},
{
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.5.0"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.5.0_11-b03"
},
{
"model": "java",
"scope": null,
"trust": 0.7,
"vendor": "apple",
"version": null
},
{
"model": "jre beta",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "jre 1.5.0 09",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "jre 1.5.0 08",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.5.6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.5.7"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.5.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.5.1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.5.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.5"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.5.5"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.5.0"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.5.7"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.5.3"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-09-043"
},
{
"db": "BID",
"id": "35401"
},
{
"db": "BID",
"id": "35381"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-280"
},
{
"db": "NVD",
"id": "CVE-2009-1719"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001831"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-09-043"
}
],
"trust": 0.7
},
"cve": "CVE-2009-1719",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2009-1719",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-39165",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-1719",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2009-1719",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200906-280",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-39165",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-39165"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001831"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-280"
},
{
"db": "NVD",
"id": "CVE-2009-1719"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Aqua Look and Feel for Java implementation in Java 1.5 on Mac OS X 10.5 allows remote attackers to execute arbitrary code via a call to the undocumented apple.laf.CColourUIResource constructor with a crafted value in the first argument, which is dereferenced as a pointer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.The specific flaw exists in the undocumented apple.laf.CColourUIResource(long, int, int ,int, int) constructor. When passing a long integer value as the first argument, the value is interpreted as pointer to an Objective-C object. By constructing a special memory structure and passing the pointer to the first argument an attacker may execute arbitrary code. Sun Java Runtime Environment (JRE) is prone to a privilege-escalation vulnerability. \nThis issue affects JRE 1.5 running on Mac OS X 10.5. \nNOTE: This BID is being retied because the vulnerability was previously documented in BID 35381 (Sun Java Runtime Environment Aqua Look and Feel Privilege Escalation Vulnerability). The Aqua Look and Feel interface package implemented by Java does not correctly verify the parameters passed to the apple.laf.CColourUIResource(long, int, int ,int, int) constructor, if a super long integer is passed to the first parameter value, which is interpreted as a pointer to an Objective-C object. ZDI-09-043: Apple Java CColorUIResource Pointer Derference Code Execution Vulnerability\nhttp://www.zerodayinitiative.com/advisories/ZDI-09-043\nJune 16, 2009\n\n-- CVE ID:\nCVE-2009-1719\n\n-- Affected Vendors:\nApple\n\n-- Affected Products:\nApple Java\n\n-- TippingPoint(TM) IPS Customer Protection:\nTippingPoint IPS customers have been protected against this\nvulnerability by Digital Vaccine protection filter ID 6800. \n\n-- Vendor Response:\nApple has issued an update to correct this vulnerability. More\ndetails can be found at:\n\nhttp://support.apple.com/kb/HT3632\n\n-- Disclosure Timeline:\n2009-01-26 - Vulnerability reported to vendor\n2009-06-16 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Anonymous\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents\na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-1719"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001831"
},
{
"db": "ZDI",
"id": "ZDI-09-043"
},
{
"db": "BID",
"id": "35401"
},
{
"db": "BID",
"id": "35381"
},
{
"db": "VULHUB",
"id": "VHN-39165"
},
{
"db": "PACKETSTORM",
"id": "78473"
}
],
"trust": 2.97
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-39165",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-39165"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-1719",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-09-043",
"trust": 3.1
},
{
"db": "BID",
"id": "35381",
"trust": 2.8
},
{
"db": "BID",
"id": "35401",
"trust": 2.0
},
{
"db": "XF",
"id": "51185",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001831",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-416",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20090616 ZDI-09-043: APPLE JAVA CCOLORUIRESOURCE POINTER DERFERENCE CODE EXECUTION VULNERABILITY",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2009-06-15-1",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200906-280",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "78473",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-39165",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-09-043"
},
{
"db": "VULHUB",
"id": "VHN-39165"
},
{
"db": "BID",
"id": "35401"
},
{
"db": "BID",
"id": "35381"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001831"
},
{
"db": "PACKETSTORM",
"id": "78473"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-280"
},
{
"db": "NVD",
"id": "CVE-2009-1719"
}
]
},
"id": "VAR-200906-0281",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-39165"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T23:16:27.017000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT3632",
"trust": 1.5,
"url": "http://support.apple.com/kb/HT3632"
},
{
"title": "HT3632",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT3632?viewlocale=ja_JP"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-09-043"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001831"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-39165"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001831"
},
{
"db": "NVD",
"id": "CVE-2009-1719"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://support.apple.com/kb/ht3632"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/35381"
},
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-09-043"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00003.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/35401"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/51185"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/504364/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51185"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1719"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-1719"
},
{
"trust": 0.6,
"url": "http://www.zerodayinitiative.com/advisories/zdi-09-043/"
},
{
"trust": 0.6,
"url": "http://software.cisco.com/download/navigator.html?mdfid=283613663"
},
{
"trust": 0.6,
"url": "http://java.sun.com/index.jsp"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/504364/100/0/threaded"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1719"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-09-043"
},
{
"db": "VULHUB",
"id": "VHN-39165"
},
{
"db": "BID",
"id": "35401"
},
{
"db": "BID",
"id": "35381"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001831"
},
{
"db": "PACKETSTORM",
"id": "78473"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-280"
},
{
"db": "NVD",
"id": "CVE-2009-1719"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-09-043"
},
{
"db": "VULHUB",
"id": "VHN-39165"
},
{
"db": "BID",
"id": "35401"
},
{
"db": "BID",
"id": "35381"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001831"
},
{
"db": "PACKETSTORM",
"id": "78473"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-280"
},
{
"db": "NVD",
"id": "CVE-2009-1719"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-06-16T00:00:00",
"db": "ZDI",
"id": "ZDI-09-043"
},
{
"date": "2009-06-16T00:00:00",
"db": "VULHUB",
"id": "VHN-39165"
},
{
"date": "2009-06-16T00:00:00",
"db": "BID",
"id": "35401"
},
{
"date": "2009-06-15T00:00:00",
"db": "BID",
"id": "35381"
},
{
"date": "2009-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001831"
},
{
"date": "2009-06-17T00:52:13",
"db": "PACKETSTORM",
"id": "78473"
},
{
"date": "2009-06-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200906-280"
},
{
"date": "2009-06-16T23:30:00.233000",
"db": "NVD",
"id": "CVE-2009-1719"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-06-16T00:00:00",
"db": "ZDI",
"id": "ZDI-09-043"
},
{
"date": "2018-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-39165"
},
{
"date": "2009-06-16T20:09:00",
"db": "BID",
"id": "35401"
},
{
"date": "2009-06-16T20:09:00",
"db": "BID",
"id": "35381"
},
{
"date": "2009-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001831"
},
{
"date": "2009-06-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200906-280"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2009-1719"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "78473"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-280"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mac OS X Running on Java Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001831"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "35401"
},
{
"db": "BID",
"id": "35381"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…