Lucene search

[email protected]NVD:CVE-2009-1190

HistoryApr 27, 2009 - 10:30 p.m.

CVE-2009-1190

2009-04-2722:30:00

CWE-399

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

9.2

Confidence

High

EPSS

0.278

Percentile

96.9%

JSON

Algorithmic complexity vulnerability in the java.util.regex.Pattern.compile method in Sun Java Development Kit (JDK) before 1.6, when used with spring.jar in SpringSource Spring Framework 1.1.0 through 2.5.6 and 3.0.0.M1 through 3.0.0.M2 and dm Server 1.0.0 through 1.0.2, allows remote attackers to cause a denial of service (CPU consumption) via serializable data with a long regex string containing multiple optional groups, a related issue to CVE-2004-2540.

Affected configurations

Nvd

Node

sunjdkRange≤1.5.0update_22

sunjdkMatch1.1.0

sunjdkMatch1.1.6

sunjdkMatch1.1.6update7

sunjdkMatch1.1.7b

sunjdkMatch1.1.7bupdate5

sunjdkMatch1.1.8update10

sunjdkMatch1.1.8update13

sunjdkMatch1.1.8update14

sunjdkMatch1.1.8update2

sunjdkMatch1.1.8update7

sunjdkMatch1.1.8update8

sunjdkMatch1.2.0

sunjdkMatch1.2.1

sunjdkMatch1.2.1update3

sunjdkMatch1.2.2update4

sunjdkMatch1.2.2update5

sunjdkMatch1.3.0

sunjdkMatch1.3.0_01

sunjdkMatch1.3.0_02

sunjdkMatch1.3.0_03

sunjdkMatch1.3.0_04

sunjdkMatch1.3.0_05

sunjdkMatch1.3.1

sunjdkMatch1.3.1update19

sunjdkMatch1.3.1update20

sunjdkMatch1.3.1_01

sunjdkMatch1.3.1_01a

sunjdkMatch1.3.1_02

sunjdkMatch1.3.1_03

sunjdkMatch1.3.1_04

sunjdkMatch1.3.1_05

sunjdkMatch1.3.1_06

sunjdkMatch1.3.1_07

sunjdkMatch1.3.1_08

sunjdkMatch1.3.1_09

sunjdkMatch1.3.1_10

sunjdkMatch1.3.1_11

sunjdkMatch1.3.1_12

sunjdkMatch1.3.1_13

sunjdkMatch1.3.1_14

sunjdkMatch1.3.1_15

sunjdkMatch1.3.1_16

sunjdkMatch1.3.1_17

sunjdkMatch1.3.1_18

sunjdkMatch1.3.1_19

sunjdkMatch1.3.1_20

sunjdkMatch1.3.1_21

sunjdkMatch1.3.1_22

sunjdkMatch1.3.1_23

sunjdkMatch1.3.1_24

sunjdkMatch1.3.1_25

sunjdkMatch1.3.1_26

sunjdkMatch1.3.1_27

sunjdkMatch1.3.1_28

sunjdkMatch1.4.0

sunjdkMatch1.4.0_01

sunjdkMatch1.4.0_02

sunjdkMatch1.4.0_03

sunjdkMatch1.4.0_04

sunjdkMatch1.4.1

sunjdkMatch1.4.1_01

sunjdkMatch1.4.1_02

sunjdkMatch1.4.1_03

sunjdkMatch1.4.1_04

sunjdkMatch1.4.1_05

sunjdkMatch1.4.1_06

sunjdkMatch1.4.1_07

sunjdkMatch1.4.2

sunjdkMatch1.4.2_1

sunjdkMatch1.4.2_2

sunjdkMatch1.4.2_3

sunjdkMatch1.4.2_4

sunjdkMatch1.4.2_5

sunjdkMatch1.4.2_6

sunjdkMatch1.4.2_7

sunjdkMatch1.4.2_8

sunjdkMatch1.4.2_9

sunjdkMatch1.4.2_10

sunjdkMatch1.4.2_11

sunjdkMatch1.4.2_12

sunjdkMatch1.4.2_13

sunjdkMatch1.4.2_14

sunjdkMatch1.4.2_15

sunjdkMatch1.4.2_16

sunjdkMatch1.4.2_17

sunjdkMatch1.4.2_18

sunjdkMatch1.4.2_19

sunjdkMatch1.5.0

sunjdkMatch1.5.0update_1

sunjdkMatch1.5.0update_10

sunjdkMatch1.5.0update_11

sunjdkMatch1.5.0update_12

sunjdkMatch1.5.0update_13

sunjdkMatch1.5.0update_14

sunjdkMatch1.5.0update_15

sunjdkMatch1.5.0update_16

sunjdkMatch1.5.0update_17

sunjdkMatch1.5.0update_18

sunjdkMatch1.5.0update_19

sunjdkMatch1.5.0update_2

sunjdkMatch1.5.0update_20

sunjdkMatch1.5.0update_21

sunjdkMatch1.5.0update_3

sunjdkMatch1.5.0update_4

sunjdkMatch1.5.0update_5

sunjdkMatch1.5.0update_6

sunjdkMatch1.5.0update_7

sunjdkMatch1.5.0update_8

sunjdkMatch1.5.0update_9

sunjdkMatch1.5.0update1

sunjdkMatch1.5.0update10

sunjdkMatch1.5.0update11

sunjdkMatch1.5.0update11_b03

sunjdkMatch1.5.0update12

sunjdkMatch1.5.0update13

sunjdkMatch1.5.0update14

sunjdkMatch1.5.0update15

sunjdkMatch1.5.0update16

sunjdkMatch1.5.0update17

sunjdkMatch1.5.0update18

sunjdkMatch1.5.0update19

sunjdkMatch1.5.0update2

sunjdkMatch1.5.0update20

sunjdkMatch1.5.0update21

sunjdkMatch1.5.0update22

sunjdkMatch1.5.0update23

sunjdkMatch1.5.0update24

sunjdkMatch1.5.0update25

sunjdkMatch1.5.0update3

sunjdkMatch1.5.0update4

sunjdkMatch1.5.0update5

sunjdkMatch1.5.0update6

sunjdkMatch1.5.0update7

sunjdkMatch1.5.0update7_b03

sunjdkMatch1.5.0update8

sunjdkMatch1.5.0update9

sunjdkMatch1.5.0_03solaris

sunjdkMatch1.5.0_03windows

AND

springsourcedm_serverMatch1.0.0

springsourcedm_serverMatch1.0.1

springsourcedm_serverMatch1.0.2

springsourcespring_frameworkMatch1.1.0

springsourcespring_frameworkMatch2.0

springsourcespring_frameworkMatch2.0m1

springsourcespring_frameworkMatch2.0m2

springsourcespring_frameworkMatch2.0m3

springsourcespring_frameworkMatch2.0m4

springsourcespring_frameworkMatch2.0m5

springsourcespring_frameworkMatch2.0rc1

springsourcespring_frameworkMatch2.0rc2

springsourcespring_frameworkMatch2.0rc3

springsourcespring_frameworkMatch2.0rc4

springsourcespring_frameworkMatch2.0.1

springsourcespring_frameworkMatch2.0.2

springsourcespring_frameworkMatch2.0.3

springsourcespring_frameworkMatch2.0.4

springsourcespring_frameworkMatch2.0.5

springsourcespring_frameworkMatch2.1m1

springsourcespring_frameworkMatch2.1m2

springsourcespring_frameworkMatch2.1m3

springsourcespring_frameworkMatch2.1m4

springsourcespring_frameworkMatch2.5.0

springsourcespring_frameworkMatch2.5.0rc1

springsourcespring_frameworkMatch2.5.0rc2

springsourcespring_frameworkMatch2.5.1

springsourcespring_frameworkMatch2.5.2

springsourcespring_frameworkMatch2.5.3

springsourcespring_frameworkMatch2.5.4

springsourcespring_frameworkMatch2.5.5

springsourcespring_frameworkMatch2.5.6

springsourcespring_frameworkMatch3.0.0m1

springsourcespring_frameworkMatch3.0.0m2

VendorProductVersionCPE
sunjdk*cpe:2.3:a:sun:jdk:*:update_22:*:*:*:*:*:*
sunjdk1.1.0cpe:2.3:a:sun:jdk:1.1.0:*:*:*:*:*:*:*
sunjdk1.1.6cpe:2.3:a:sun:jdk:1.1.6:*:*:*:*:*:*:*
sunjdk1.1.6cpe:2.3:a:sun:jdk:1.1.6:update7:*:*:*:*:*:*
sunjdk1.1.7bcpe:2.3:a:sun:jdk:1.1.7b:*:*:*:*:*:*:*
sunjdk1.1.7bcpe:2.3:a:sun:jdk:1.1.7b:update5:*:*:*:*:*:*
sunjdk1.1.8cpe:2.3:a:sun:jdk:1.1.8:update10:*:*:*:*:*:*
sunjdk1.1.8cpe:2.3:a:sun:jdk:1.1.8:update13:*:*:*:*:*:*
sunjdk1.1.8cpe:2.3:a:sun:jdk:1.1.8:update14:*:*:*:*:*:*
sunjdk1.1.8cpe:2.3:a:sun:jdk:1.1.8:update2:*:*:*:*:*:*

Vendor	Product	Version	CPE
sun	jdk	*	cpe:2.3:a:sun:jdk::update_22::::::*
sun	jdk	1.1.0	cpe:2.3:a:sun:jdk:1.1.0:::::::*
sun	jdk	1.1.6	cpe:2.3:a:sun:jdk:1.1.6:::::::*
sun	jdk	1.1.6	cpe:2.3:a:sun:jdk:1.1.6:update7::::::
sun	jdk	1.1.7b	cpe:2.3:a:sun:jdk:1.1.7b:::::::*
sun	jdk	1.1.7b	cpe:2.3:a:sun:jdk:1.1.7b:update5::::::
sun	jdk	1.1.8	cpe:2.3:a:sun:jdk:1.1.8:update10::::::
sun	jdk	1.1.8	cpe:2.3:a:sun:jdk:1.1.8:update13::::::
sun	jdk	1.1.8	cpe:2.3:a:sun:jdk:1.1.8:update14::::::
sun	jdk	1.1.8	cpe:2.3:a:sun:jdk:1.1.8:update2::::::