Lucene search

MitreCVE-2009-1671

HistoryMay 18, 2009 - 6:30 p.m.

CVE-2009-1671

2009-05-1818:30:01

CWE-119

mitre

web.nvd.nist.gov

117

cve-2009-1671

buffer overflow

sun java

security vulnerability

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.023

Percentile

89.7%

JSON

Multiple buffer overflows in the Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allow remote attackers to execute arbitrary code via a long string argument to the (1) setInstallerType, (2) setAdditionalPackages, (3) compareVersion, (4) getStaticCLSID, or (5) launch method.

Affected configurations

Nvd

Node

sunjreMatch6update_13

VendorProductVersionCPE
sunjre6cpe:2.3:a:sun:jre:6:update_13:*:*:*:*:*:*

Vendor	Product	Version	CPE
sun	jre	6	cpe:2.3:a:sun:jre:6:update_13::::::

References

www.securityfocus.com/bid/34931

www.shinnai.net/xplits/TXT_mhxRKrtrPLyAHRFNm7QR.html

www.exploit-db.com/exploits/8665

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.023

Percentile

89.7%

JSON

Related for CVE-2009-1671