Lucene search

[email protected]NVD:CVE-2009-2676

HistoryAug 05, 2009 - 7:30 p.m.

CVE-2009-2676

2009-08-0519:30:01

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

High

0.026 Low

EPSS

Percentile

90.4%

JSON

Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE 5.0 Update 19 and earlier; and Java SE for Business in SDK and JRE 1.4.2_21 and earlier; allows remote attackers to create or modify arbitrary files via vectors involving an untrusted Java applet that accesses an old version of JNLPAppletLauncher.

Affected configurations

NVD

Node

sunjava_se

sunjava_sebusiness

AND

sunjdkRange≤1.5.0update19

sunjdkRange≤1.6.0update_14

sunjdkMatch1.5.0

sunjdkMatch1.5.0update1

sunjdkMatch1.5.0update10

sunjdkMatch1.5.0update11

sunjdkMatch1.5.0update11_b03

sunjdkMatch1.5.0update12

sunjdkMatch1.5.0update13

sunjdkMatch1.5.0update14

sunjdkMatch1.5.0update15

sunjdkMatch1.5.0update16

sunjdkMatch1.5.0update17

sunjdkMatch1.5.0update18

sunjdkMatch1.5.0update2

sunjdkMatch1.5.0update3

sunjdkMatch1.5.0update4

sunjdkMatch1.5.0update5

sunjdkMatch1.5.0update6

sunjdkMatch1.5.0update7

sunjdkMatch1.5.0update8

sunjdkMatch1.5.0update9

sunjdkMatch1.6.0update_10

sunjdkMatch1.6.0update_11

sunjdkMatch1.6.0update_12

sunjdkMatch1.6.0update_13

sunjdkMatch1.6.0update_3

sunjdkMatch1.6.0update_4

sunjdkMatch1.6.0update_5

sunjdkMatch1.6.0update_6

sunjdkMatch1.6.0update_7

sunjdkMatch1.6.0update1

sunjdkMatch1.6.0update2

sunjreRange≤1.5.0update19

sunjreRange≤1.6.0update_14

sunjreMatch1.5.0

sunjreMatch1.5.0update1

sunjreMatch1.5.0update10

sunjreMatch1.5.0update11

sunjreMatch1.5.0update12

sunjreMatch1.5.0update13

sunjreMatch1.5.0update14

sunjreMatch1.5.0update15

sunjreMatch1.5.0update16

sunjreMatch1.5.0update17

sunjreMatch1.5.0update18

sunjreMatch1.5.0update2

sunjreMatch1.5.0update3

sunjreMatch1.5.0update4

sunjreMatch1.5.0update5

sunjreMatch1.5.0update6

sunjreMatch1.5.0update7

sunjreMatch1.5.0update8

sunjreMatch1.5.0update9

sunjreMatch1.6.0update_1

sunjreMatch1.6.0update_10

sunjreMatch1.6.0update_11

sunjreMatch1.6.0update_12

sunjreMatch1.6.0update_13

sunjreMatch1.6.0update_2

sunjreMatch1.6.0update_3

sunjreMatch1.6.0update_4

sunjreMatch1.6.0update_5

sunjreMatch1.6.0update_6

sunjreMatch1.6.0update_7

Node

sunjava_sebusiness

AND

sunjreRange≤1.4.2_21

sunjreMatch1.4.0

sunjreMatch1.4.0_01

sunjreMatch1.4.0_02

sunjreMatch1.4.0_03

sunjreMatch1.4.0_04

sunjreMatch1.4.1

sunjreMatch1.4.1update1

sunjreMatch1.4.1update2

sunjreMatch1.4.1update3

sunjreMatch1.4.1update4

sunjreMatch1.4.1update5

sunjreMatch1.4.1update6

sunjreMatch1.4.1update7

sunjreMatch1.4.2

sunjreMatch1.4.2update16

sunjreMatch1.4.2update17

sunjreMatch1.4.2update18

sunjreMatch1.4.2update19

sunjreMatch1.4.2update20

sunjreMatch1.4.2_1

sunjreMatch1.4.2_2

sunjreMatch1.4.2_3

sunjreMatch1.4.2_4

sunjreMatch1.4.2_5

sunjreMatch1.4.2_6

sunjreMatch1.4.2_7

sunjreMatch1.4.2_8

sunjreMatch1.4.2_9

sunjreMatch1.4.2_10

sunjreMatch1.4.2_11

sunjreMatch1.4.2_12

sunjreMatch1.4.2_13

sunjreMatch1.4.2_14

sunjreMatch1.4.2_15

sunsdkRange≤1.4.2_21

sunsdkMatch1.4.0

sunsdkMatch1.4.0_01

sunsdkMatch1.4.0_02

sunsdkMatch1.4.0_03

sunsdkMatch1.4.0_04

sunsdkMatch1.4.1

sunsdkMatch1.4.1_01

sunsdkMatch1.4.1_02

sunsdkMatch1.4.1_03

sunsdkMatch1.4.1_04

sunsdkMatch1.4.1_05

sunsdkMatch1.4.1_06

sunsdkMatch1.4.1_07

sunsdkMatch1.4.2

sunsdkMatch1.4.2_1

sunsdkMatch1.4.2_2

sunsdkMatch1.4.2_3

sunsdkMatch1.4.2_4

sunsdkMatch1.4.2_5

sunsdkMatch1.4.2_6

sunsdkMatch1.4.2_7

sunsdkMatch1.4.2_8

sunsdkMatch1.4.2_9

sunsdkMatch1.4.2_10

sunsdkMatch1.4.2_11

sunsdkMatch1.4.2_12

sunsdkMatch1.4.2_13

sunsdkMatch1.4.2_14

sunsdkMatch1.4.2_15

sunsdkMatch1.4.2_16

sunsdkMatch1.4.2_17

sunsdkMatch1.4.2_18

sunsdkMatch1.4.2_19

sunsdkMatch1.4.2_20

References

lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html

lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html

marc.info/?l=bugtraq&m=125787273209737&w=2

osvdb.org/56789

secunia.com/advisories/36176

secunia.com/advisories/36199

secunia.com/advisories/36248

secunia.com/advisories/37300

secunia.com/advisories/37386

secunia.com/advisories/37460

security.gentoo.org/glsa/glsa-200911-02.xml

sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1

sunsolve.sun.com/search/document.do?assetkey=1-66-263490-1

www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html

www.securityfocus.com/archive/1/507985/100/0/threaded

www.securityfocus.com/bid/35946

www.securitytracker.com/id?1022657

www.us-cert.gov/cas/techalerts/TA09-294A.html

www.vmware.com/security/advisories/VMSA-2009-0016.html

www.vupen.com/english/advisories/2009/3316

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8453

rhn.redhat.com/errata/RHSA-2009-1199.html

rhn.redhat.com/errata/RHSA-2009-1200.html

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

High

0.026 Low

EPSS

Percentile

90.4%

JSON

Related for NVD:CVE-2009-2676

veracode1 cvelist2 ubuntucve1 seebug1 openvas14 prion2 cve2 nessus27 suse2 redhat5 nvd1 securityvulns3 ubuntu1 oracle1 vmware4 gentoo1