Lucene search

RedhatCVE-2009-3882

HistoryNov 09, 2009 - 7:30 p.m.

CVE-2009-3882

2009-11-0919:30:00

CWE-200

redhat

web.nvd.nist.gov

cve-2009-3882

swing implementation

sun java se

openjdk

remote attack vectors

information leaks

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.3

Confidence

Low

EPSS

0.009

Percentile

82.3%

JSON

Multiple unspecified vulnerabilities in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to “information leaks in mutable variables,” aka Bug Id 6657026.

Affected configurations

Nvd

Node

sunopenjdk

Node

sunjreRange≤1.5.0update21

sunjreMatch1.5.0

sunjreMatch1.5.0update1

sunjreMatch1.5.0update10

sunjreMatch1.5.0update11

sunjreMatch1.5.0update12

sunjreMatch1.5.0update13

sunjreMatch1.5.0update14

sunjreMatch1.5.0update15

sunjreMatch1.5.0update16

sunjreMatch1.5.0update17

sunjreMatch1.5.0update18

sunjreMatch1.5.0update19

sunjreMatch1.5.0update2

sunjreMatch1.5.0update20

sunjreMatch1.5.0update3

sunjreMatch1.5.0update4

sunjreMatch1.5.0update5

sunjreMatch1.5.0update6

sunjreMatch1.5.0update7

sunjreMatch1.5.0update8

sunjreMatch1.5.0update9

Node

sunjreRange≤1.6.0update16

sunjreMatch1.6.0

sunjreMatch1.6.0update_1

sunjreMatch1.6.0update_2

sunjreMatch1.6.0update_3

sunjreMatch1.6.0update10

sunjreMatch1.6.0update11

sunjreMatch1.6.0update12

sunjreMatch1.6.0update13

sunjreMatch1.6.0update14

sunjreMatch1.6.0update15

sunjreMatch1.6.0update4

sunjreMatch1.6.0update5

sunjreMatch1.6.0update6

sunjreMatch1.6.0update7

sunjreMatch1.6.0update8

sunjreMatch1.6.0update9

Node

sunjdkRange≤1.5.0update21

sunjdkMatch1.5.0

sunjdkMatch1.5.0update1

sunjdkMatch1.5.0update10

sunjdkMatch1.5.0update11

sunjdkMatch1.5.0update12

sunjdkMatch1.5.0update13

sunjdkMatch1.5.0update14

sunjdkMatch1.5.0update15

sunjdkMatch1.5.0update16

sunjdkMatch1.5.0update17

sunjdkMatch1.5.0update18

sunjdkMatch1.5.0update19

sunjdkMatch1.5.0update2

sunjdkMatch1.5.0update20

sunjdkMatch1.5.0update3

sunjdkMatch1.5.0update4

sunjdkMatch1.5.0update5

sunjdkMatch1.5.0update6

sunjdkMatch1.5.0update7

sunjdkMatch1.5.0update8

sunjdkMatch1.5.0update9

Node

sunjdkRange≤1.6.0update16

sunjdkMatch1.6.0

sunjdkMatch1.6.0update1

sunjdkMatch1.6.0update10

sunjdkMatch1.6.0update11

sunjdkMatch1.6.0update12

sunjdkMatch1.6.0update13

sunjdkMatch1.6.0update14

sunjdkMatch1.6.0update15

sunjdkMatch1.6.0update2

sunjdkMatch1.6.0update3

sunjdkMatch1.6.0update4

sunjdkMatch1.6.0update5

sunjdkMatch1.6.0update6

sunjdkMatch1.6.0update7

sunjdkMatch1.6.0update8

sunjdkMatch1.6.0update9

VendorProductVersionCPE
sunopenjdk*cpe:2.3:a:sun:openjdk:*:*:*:*:*:*:*:*
sunjre*cpe:2.3:a:sun:jre:*:update21:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*

Vendor	Product	Version	CPE
sun	openjdk	*	cpe:2.3:a:sun:openjdk::::::::
sun	jre	*	cpe:2.3:a:sun:jre::update21::::::*
sun	jre	1.5.0	cpe:2.3:a:sun:jre:1.5.0:::::::*
sun	jre	1.5.0	cpe:2.3:a:sun:jre:1.5.0:update1::::::
sun	jre	1.5.0	cpe:2.3:a:sun:jre:1.5.0:update10::::::
sun	jre	1.5.0	cpe:2.3:a:sun:jre:1.5.0:update11::::::
sun	jre	1.5.0	cpe:2.3:a:sun:jre:1.5.0:update12::::::
sun	jre	1.5.0	cpe:2.3:a:sun:jre:1.5.0:update13::::::
sun	jre	1.5.0	cpe:2.3:a:sun:jre:1.5.0:update14::::::
sun	jre	1.5.0	cpe:2.3:a:sun:jre:1.5.0:update15::::::