Lucene search

MitreCVE-2009-1098

HistoryMar 25, 2009 - 11:30 p.m.

CVE-2009-1098

2009-03-2523:30:00

CWE-119

mitre

web.nvd.nist.gov

cve-2009-1098

buffer overflow

java se

development kit

jdk

java runtime environment

jre

security vulnerability

nvd

cr 6804998

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.291

Percentile

96.9%

JSON

Buffer overflow in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers to access files or execute arbitrary code via a crafted GIF image, aka CR 6804998.

Affected configurations

Nvd

Node

sunjdkRange≤1.5.0update17

sunjdkRange≤1.6.0update_12

sunjdkMatch1.5.0

sunjdkMatch1.5.0update1

sunjdkMatch1.5.0update10

sunjdkMatch1.5.0update11

sunjdkMatch1.5.0update11_b03

sunjdkMatch1.5.0update12

sunjdkMatch1.5.0update13

sunjdkMatch1.5.0update14

sunjdkMatch1.5.0update15

sunjdkMatch1.5.0update16

sunjdkMatch1.5.0update2

sunjdkMatch1.5.0update3

sunjdkMatch1.5.0update4

sunjdkMatch1.5.0update5

sunjdkMatch1.5.0update6

sunjdkMatch1.5.0update7

sunjdkMatch1.5.0update7_b03

sunjdkMatch1.5.0update8

sunjdkMatch1.5.0update9

sunjdkMatch1.6.0update_10

sunjdkMatch1.6.0update_11

sunjdkMatch1.6.0update_3

sunjdkMatch1.6.0update_4

sunjdkMatch1.6.0update_5

sunjdkMatch1.6.0update_6

sunjdkMatch1.6.0update_7

sunjdkMatch1.6.0update1

sunjdkMatch1.6.0update2

sunjreRange≤1.5.0update17

sunjreRange≤1.6.0update_12

sunjreMatch1.5.0

sunjreMatch1.5.0update1

sunjreMatch1.5.0update10

sunjreMatch1.5.0update11

sunjreMatch1.5.0update12

sunjreMatch1.5.0update13

sunjreMatch1.5.0update14

sunjreMatch1.5.0update15

sunjreMatch1.5.0update16

sunjreMatch1.5.0update2

sunjreMatch1.5.0update3

sunjreMatch1.5.0update4

sunjreMatch1.5.0update5

sunjreMatch1.5.0update6

sunjreMatch1.5.0update7

sunjreMatch1.5.0update8

sunjreMatch1.5.0update9

sunjreMatch1.6.0

sunjreMatch1.6.0update_1

sunjreMatch1.6.0update_10

sunjreMatch1.6.0update_11

sunjreMatch1.6.0update_2

sunjreMatch1.6.0update_3

sunjreMatch1.6.0update_4

sunjreMatch1.6.0update_5

sunjreMatch1.6.0update_6

sunjreMatch1.6.0update_7

Node

sunjreRange≤1.3.1_24

sunjreMatch1.3.1

sunjreMatch1.3.1_01

sunjreMatch1.3.1_2

sunjreMatch1.3.1_03

sunjreMatch1.3.1_04

sunjreMatch1.3.1_05

sunjreMatch1.3.1_06

sunjreMatch1.3.1_07

sunjreMatch1.3.1_08

sunjreMatch1.3.1_09

sunjreMatch1.3.1_10

sunjreMatch1.3.1_11

sunjreMatch1.3.1_12

sunjreMatch1.3.1_13

sunjreMatch1.3.1_14

sunjreMatch1.3.1_15

sunjreMatch1.3.1_16

sunjreMatch1.3.1_17

sunjreMatch1.3.1_18

sunjreMatch1.3.1_19

sunjreMatch1.3.1_20

sunjreMatch1.3.1_21

sunjreMatch1.3.1_22

sunjreMatch1.3.1_23

sunsdkRange≤1.3.1_24

sunsdkMatch1.3.1

sunsdkMatch1.3.1_01

sunsdkMatch1.3.1_01a

sunsdkMatch1.3.1_02

sunsdkMatch1.3.1_03

sunsdkMatch1.3.1_04

sunsdkMatch1.3.1_05

sunsdkMatch1.3.1_06

sunsdkMatch1.3.1_07

sunsdkMatch1.3.1_08

sunsdkMatch1.3.1_09

sunsdkMatch1.3.1_10

sunsdkMatch1.3.1_11

sunsdkMatch1.3.1_12

sunsdkMatch1.3.1_13

sunsdkMatch1.3.1_14

sunsdkMatch1.3.1_15

sunsdkMatch1.3.1_16

sunsdkMatch1.3.1_17

sunsdkMatch1.3.1_18

sunsdkMatch1.3.1_19

sunsdkMatch1.3.1_20

sunsdkMatch1.3.1_21

sunsdkMatch1.3.1_22

sunsdkMatch1.3.1_23

Node

sunjreRange≤1.4.2_19

sunjreMatch1.4.2

sunjreMatch1.4.2_1

sunjreMatch1.4.2_2

sunjreMatch1.4.2_3

sunjreMatch1.4.2_4

sunjreMatch1.4.2_5

sunjreMatch1.4.2_6

sunjreMatch1.4.2_7

sunjreMatch1.4.2_8

sunjreMatch1.4.2_9

sunjreMatch1.4.2_10

sunjreMatch1.4.2_11

sunjreMatch1.4.2_12

sunjreMatch1.4.2_13

sunjreMatch1.4.2_14

sunjreMatch1.4.2_15

sunjreMatch1.4.2_16

sunjreMatch1.4.2_17

sunjreMatch1.4.2_18

sunsdkRange≤1.4.2_19

sunsdkMatch1.4.2

sunsdkMatch1.4.2_1

sunsdkMatch1.4.2_2

sunsdkMatch1.4.2_02

sunsdkMatch1.4.2_03

sunsdkMatch1.4.2_3

sunsdkMatch1.4.2_04

sunsdkMatch1.4.2_4

sunsdkMatch1.4.2_5

sunsdkMatch1.4.2_6

sunsdkMatch1.4.2_7

sunsdkMatch1.4.2_08

sunsdkMatch1.4.2_09

sunsdkMatch1.4.2_10

sunsdkMatch1.4.2_11

sunsdkMatch1.4.2_12

sunsdkMatch1.4.2_13

sunsdkMatch1.4.2_14

sunsdkMatch1.4.2_15

sunsdkMatch1.4.2_16

sunsdkMatch1.4.2_17

sunsdkMatch1.4.2_18

VendorProductVersionCPE
sunjdk*cpe:2.3:a:sun:jdk:*:update17:*:*:*:*:*:*
sunjdk*cpe:2.3:a:sun:jdk:*:update_12:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*
sunjdk1.5.0cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*

Vendor	Product	Version	CPE
sun	jdk	*	cpe:2.3:a:sun:jdk::update17::::::*
sun	jdk	*	cpe:2.3:a:sun:jdk::update_12::::::*
sun	jdk	1.5.0	cpe:2.3:a:sun:jdk:1.5.0:::::::*
sun	jdk	1.5.0	cpe:2.3:a:sun:jdk:1.5.0:update1::::::
sun	jdk	1.5.0	cpe:2.3:a:sun:jdk:1.5.0:update10::::::
sun	jdk	1.5.0	cpe:2.3:a:sun:jdk:1.5.0:update11::::::
sun	jdk	1.5.0	cpe:2.3:a:sun:jdk:1.5.0:update11_b03::::::
sun	jdk	1.5.0	cpe:2.3:a:sun:jdk:1.5.0:update12::::::
sun	jdk	1.5.0	cpe:2.3:a:sun:jdk:1.5.0:update13::::::
sun	jdk	1.5.0	cpe:2.3:a:sun:jdk:1.5.0:update14::::::

Rows per page:

1-10 of 1511

References

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133

lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html

lists.opensuse.org/opensuse-security-announce/2009-05/msg00003.html

lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html

lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html

marc.info/?l=bugtraq&m=124344236532162&w=2

secunia.com/advisories/34489

secunia.com/advisories/34495

secunia.com/advisories/34496

secunia.com/advisories/34632

secunia.com/advisories/34675

secunia.com/advisories/35156

secunia.com/advisories/35223

secunia.com/advisories/35255

secunia.com/advisories/35416

secunia.com/advisories/35776

secunia.com/advisories/36185

secunia.com/advisories/37386

secunia.com/advisories/37460

security.gentoo.org/glsa/glsa-200911-02.xml

sunsolve.sun.com/search/document.do?assetkey=1-26-254571-1

support.avaya.com/elmodocs2/security/ASA-2009-108.htm

support.avaya.com/elmodocs2/security/ASA-2009-109.htm

www.debian.org/security/2009/dsa-1769

www.mandriva.com/security/advisories?name=MDVSA-2009:137

www.mandriva.com/security/advisories?name=MDVSA-2009:162

www.oracle.com/technetwork/topics/security/cpujul2009-091332.html

www.redhat.com/support/errata/RHSA-2009-0392.html

www.redhat.com/support/errata/RHSA-2009-0394.html

www.redhat.com/support/errata/RHSA-2009-1038.html

www.securityfocus.com/archive/1/507985/100/0/threaded

www.securityfocus.com/bid/34240

www.securitytracker.com/id?1021913

www.ubuntu.com/usn/usn-748-1

www.vmware.com/security/advisories/VMSA-2009-0016.html

www.vupen.com/english/advisories/2009/1426

www.vupen.com/english/advisories/2009/3316

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6008

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9956

rhn.redhat.com/errata/RHSA-2009-0377.html

rhn.redhat.com/errata/RHSA-2009-1198.html

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.291

Percentile

96.9%

JSON

Related for CVE-2009-1098