Lucene search

[email protected]NVD:CVE-2009-1100

HistoryMar 25, 2009 - 11:30 p.m.

CVE-2009-1100

2009-03-2523:30:00

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.3 High

AI Score

Confidence

High

0.137 Low

EPSS

Percentile

95.7%

JSON

Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allow remote attackers to cause a denial of service (disk consumption) via vectors related to temporary font files and (1) “limits on Font creation,” aka CR 6522586, and (2) another unspecified vector, aka CR 6632886.

Affected configurations

NVD

Node

sunjdkRange≤1.5.0update17

sunjdkMatch1.5.0

sunjdkMatch1.5.0update1

sunjdkMatch1.5.0update10

sunjdkMatch1.5.0update11

sunjdkMatch1.5.0update11_b03

sunjdkMatch1.5.0update12

sunjdkMatch1.5.0update13

sunjdkMatch1.5.0update14

sunjdkMatch1.5.0update15

sunjdkMatch1.5.0update16

sunjdkMatch1.5.0update2

sunjdkMatch1.5.0update3

sunjdkMatch1.5.0update4

sunjdkMatch1.5.0update5

sunjdkMatch1.5.0update6

sunjdkMatch1.5.0update7

sunjdkMatch1.5.0update7_b03

sunjdkMatch1.5.0update8

sunjdkMatch1.5.0update9

sunjreRange≤1.5.0update17

sunjreMatch1.5.0

sunjreMatch1.5.0update1

sunjreMatch1.5.0update10

sunjreMatch1.5.0update11

sunjreMatch1.5.0update12

sunjreMatch1.5.0update13

sunjreMatch1.5.0update14

sunjreMatch1.5.0update15

sunjreMatch1.5.0update16

sunjreMatch1.5.0update2

sunjreMatch1.5.0update3

sunjreMatch1.5.0update4

sunjreMatch1.5.0update5

sunjreMatch1.5.0update6

sunjreMatch1.5.0update7

sunjreMatch1.5.0update8

sunjreMatch1.5.0update9

Node

sunjdkRange≤1.6.0update_12

sunjdkMatch1.6.0

sunjdkMatch1.6.0update_10

sunjdkMatch1.6.0update_11

sunjdkMatch1.6.0update_3

sunjdkMatch1.6.0update_4

sunjdkMatch1.6.0update_5

sunjdkMatch1.6.0update_6

sunjdkMatch1.6.0update_7

sunjdkMatch1.6.0update1

sunjdkMatch1.6.0update1_b06

sunjdkMatch1.6.0update2

sunjreRange≤1.6.0update_12

sunjreMatch1.6.0

sunjreMatch1.6.0update_1

sunjreMatch1.6.0update_10

sunjreMatch1.6.0update_11

sunjreMatch1.6.0update_2

sunjreMatch1.6.0update_3

sunjreMatch1.6.0update_4

sunjreMatch1.6.0update_5

sunjreMatch1.6.0update_6

sunjreMatch1.6.0update_7

References

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133

lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html

lists.opensuse.org/opensuse-security-announce/2009-05/msg00003.html

lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html

lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html

marc.info/?l=bugtraq&m=124344236532162&w=2

secunia.com/advisories/34489

secunia.com/advisories/34495

secunia.com/advisories/34496

secunia.com/advisories/35156

secunia.com/advisories/35223

secunia.com/advisories/35255

secunia.com/advisories/35416

secunia.com/advisories/35776

secunia.com/advisories/36185

secunia.com/advisories/37386

secunia.com/advisories/37460

security.gentoo.org/glsa/glsa-200911-02.xml

sunsolve.sun.com/search/document.do?assetkey=1-21-118667-19-1

sunsolve.sun.com/search/document.do?assetkey=1-66-254608-1

support.avaya.com/elmodocs2/security/ASA-2009-108.htm

support.avaya.com/elmodocs2/security/ASA-2009-109.htm

www.oracle.com/technetwork/topics/security/cpujul2009-091332.html

www.redhat.com/support/errata/RHSA-2009-0392.html

www.redhat.com/support/errata/RHSA-2009-0394.html

www.redhat.com/support/errata/RHSA-2009-1038.html

www.securityfocus.com/archive/1/507985/100/0/threaded

www.securityfocus.com/bid/34240

www.securitytracker.com/id?1021917

www.ubuntu.com/usn/usn-748-1

www.vmware.com/security/advisories/VMSA-2009-0016.html

www.vupen.com/english/advisories/2009/1426

www.vupen.com/english/advisories/2009/3316

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6224

rhn.redhat.com/errata/RHSA-2009-1198.html

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.3 High

AI Score

Confidence

High

0.137 Low

EPSS

Percentile

95.7%

JSON

Related for NVD:CVE-2009-1100

nessus37 ubuntucve1 prion1 cve1 openvas38 veracode1 cvelist1 redhat7 securityvulns3 ubuntu1 suse3 oracle1 vmware6 gentoo1