Lucene search

[email protected]CVE-2009-3882

HistoryNov 09, 2009 - 7:30 p.m.

CVE-2009-3882

2009-11-0919:30:00

CWE-200

[email protected]

web.nvd.nist.gov

cve-2009-3882

swing implementation

sun java se

openjdk

remote attack vectors

information leaks

6.4 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.2%

JSON

Multiple unspecified vulnerabilities in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to “information leaks in mutable variables,” aka Bug Id 6657026.

CPENameOperatorVersion
sun:openjdksun openjdkeq*
sun:jresun jreeq1.5.0
sun:jresun jreeq1.6.0
sun:jdksun jdkeq1.5.0
sun:jdksun jdkeq1.6.0

CPE	Name	Operator	Version
sun:openjdk	sun openjdk	eq	*
sun:jre	sun jre	eq	1.5.0
sun:jre	sun jre	eq	1.6.0
sun:jdk	sun jdk	eq	1.5.0
sun:jdk	sun jdk	eq	1.6.0

References

java.sun.com/j2se/1.5.0/ReleaseNotes.html

java.sun.com/javase/6/webnotes/6u17.html

secunia.com/advisories/37386

security.gentoo.org/glsa/glsa-200911-02.xml

www.mandriva.com/security/advisories?name=MDVSA-2010:084

bugzilla.redhat.com/show_bug.cgi?id=530175

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7300

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8841

6.4 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.2%

JSON

Related for CVE-2009-3882

prion1 cvelist1 veracode1 ubuntucve1 openvas26 oraclelinux1 fedora3 nessus18 redhat4 centos1 ubuntu1 securityvulns1 vmware2 gentoo1