CVE-2009-3874

Date: 2009-11-05 16:30:00
Source: mitre (web.nvd.nist.gov)
CWE: CWE-189
Tags: java se, integer overflow, jpegimagereader, remote code execution, cve-2009-3874

CVSS2: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

AI Score: 7.8 (Confidence: Low)

EPSS: 0.314 (Percentile: 97.0%)

Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643.
