Lucene search

MitreCVE-2009-2671

HistoryAug 05, 2009 - 7:30 p.m.

CVE-2009-2671

2009-08-0519:30:01

mitre

web.nvd.nist.gov

cve-2009-2671

sun java

jre

socks proxy

remote attack

username discovery

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

Confidence

High

EPSS

0.007

Percentile

80.7%

JSON

The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors.

Affected configurations

Nvd

Node

sunjdkRange≤6update_13

sunjdkMatch5.0update_1

sunjdkMatch5.0update_10

sunjdkMatch5.0update_11

sunjdkMatch5.0update_12

sunjdkMatch5.0update_13

sunjdkMatch5.0update_14

sunjdkMatch5.0update_15

sunjdkMatch5.0update_16

sunjdkMatch5.0update_17

sunjdkMatch5.0update_2

sunjdkMatch5.0update_3

sunjdkMatch5.0update_4

sunjdkMatch5.0update_5

sunjdkMatch5.0update_6

sunjdkMatch5.0update_7

sunjdkMatch5.0update_8

sunjdkMatch5.0update_9

sunjdkMatch6update_1

sunjdkMatch6update_10

sunjdkMatch6update_11

sunjdkMatch6update_12

sunjdkMatch6update_2

sunjdkMatch6update_3

sunjdkMatch6update_4

sunjdkMatch6update_5

sunjdkMatch6update_6

sunjdkMatch6update_7

sunjdkMatch6update_8

sunjdkMatch6update_9

sunjreRange≤6update_13

sunjreMatch5.0update_1

sunjreMatch5.0update_10

sunjreMatch5.0update_11

sunjreMatch5.0update_12

sunjreMatch5.0update_13

sunjreMatch5.0update_14

sunjreMatch5.0update_15

sunjreMatch5.0update_16

sunjreMatch5.0update_17

sunjreMatch5.0update_19

sunjreMatch5.0update_2

sunjreMatch5.0update_3

sunjreMatch5.0update_4

sunjreMatch5.0update_5

sunjreMatch5.0update_6

sunjreMatch5.0update_7

sunjreMatch5.0update_8

sunjreMatch5.0update_9

sunjreMatch6update_1

sunjreMatch6update_10

sunjreMatch6update_11

sunjreMatch6update_12

sunjreMatch6update_2

sunjreMatch6update_3

sunjreMatch6update_4

sunjreMatch6update_5

sunjreMatch6update_6

sunjreMatch6update_7

sunjreMatch6update_8

sunjreMatch6update_9

VendorProductVersionCPE
sunjdk6cpe:/a:sun:jdk:6:update_6::
sunjdk5.0cpe:/a:sun:jdk:5.0:update_16::
sunjdkcpe:/a:sun:jdk::update_13::
sunjdk5.0cpe:/a:sun:jdk:5.0:update_15::
sunjdk6cpe:/a:sun:jdk:6:update_2::
sunjdk5.0cpe:/a:sun:jdk:5.0:update_6::
sunjre5.0cpe:/a:sun:jre:5.0:update_14::
sunjre5.0cpe:/a:sun:jre:5.0:update_9::
sunjre6cpe:/a:sun:jre:6:update_5::
sunjdk5.0cpe:/a:sun:jdk:5.0:update_10::

Vendor	Product	Version	CPE
sun	jdk	6	cpe:/a:sun:jdk:6:update_6::
sun	jdk	5.0	cpe:/a:sun:jdk:5.0:update_16::
sun	jdk		cpe:/a:sun:jdk::update_13::
sun	jdk	5.0	cpe:/a:sun:jdk:5.0:update_15::
sun	jdk	6	cpe:/a:sun:jdk:6:update_2::
sun	jdk	5.0	cpe:/a:sun:jdk:5.0:update_6::
sun	jre	5.0	cpe:/a:sun:jre:5.0:update_14::
sun	jre	5.0	cpe:/a:sun:jre:5.0:update_9::
sun	jre	6	cpe:/a:sun:jre:6:update_5::
sun	jdk	5.0	cpe:/a:sun:jdk:5.0:update_10::