Lucene search

[email protected]CVE-2009-3852

HistoryNov 03, 2009 - 4:30 p.m.

CVE-2009-3852

2009-11-0316:30:12

[email protected]

web.nvd.nist.gov

ibm

java technology

xml component

cve-2009-3852

vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.3 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.6%

JSON

Unspecified vulnerability in the XML component in IBM Runtimes for Java Technology 5.0.0 before SR10 has unknown impact and attack vectors, related to the “updated version of XML4J 4.4.17.”

Affected configurations

NVD

Node

ibmruntimes_for_java_technologyRange≤5.0.0

CPENameOperatorVersion
ibm:runtimes_for_java_technologyibm runtimes for java technologyle5.0.0

CPE	Name	Operator	Version
ibm:runtimes_for_java_technology	ibm runtimes for java technology	le	5.0.0

References

secunia.com/advisories/37210

www-01.ibm.com/support/docview.wss?uid=swg1IZ63920

www.securityfocus.com/bid/36894

www.vupen.com/english/advisories/2009/3106

exchange.xforce.ibmcloud.com/vulnerabilities/54069

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.3 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.6%

JSON

Related for CVE-2009-3852

prion1 nvd1 openvas2 cvelist1 ibm1