Lucene search

[email protected]NVD:CVE-2009-2670

HistoryAug 05, 2009 - 7:30 p.m.

CVE-2009-2670

2009-08-0519:30:01

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

7.3

Confidence

High

EPSS

0.01

Percentile

83.7%

JSON

The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by (1) untrusted applets and (2) Java Web Start applications, which allows context-dependent attackers to obtain sensitive information by reading these properties.

Affected configurations

Nvd

Node

sunjdkRange≤6update_13

sunjdkMatch5.0update_1

sunjdkMatch5.0update_10

sunjdkMatch5.0update_11

sunjdkMatch5.0update_12

sunjdkMatch5.0update_13

sunjdkMatch5.0update_14

sunjdkMatch5.0update_15

sunjdkMatch5.0update_16

sunjdkMatch5.0update_17

sunjdkMatch5.0update_2

sunjdkMatch5.0update_3

sunjdkMatch5.0update_4

sunjdkMatch5.0update_5

sunjdkMatch5.0update_6

sunjdkMatch5.0update_7

sunjdkMatch5.0update_8

sunjdkMatch5.0update_9

sunjdkMatch6update_1

sunjdkMatch6update_10

sunjdkMatch6update_11

sunjdkMatch6update_12

sunjdkMatch6update_2

sunjdkMatch6update_3

sunjdkMatch6update_4

sunjdkMatch6update_5

sunjdkMatch6update_6

sunjdkMatch6update_7

sunjdkMatch6update_8

sunjdkMatch6update_9

sunjreRange≤6update_13

sunjreMatch5.0update_1

sunjreMatch5.0update_10

sunjreMatch5.0update_11

sunjreMatch5.0update_12

sunjreMatch5.0update_13

sunjreMatch5.0update_14

sunjreMatch5.0update_15

sunjreMatch5.0update_16

sunjreMatch5.0update_17

sunjreMatch5.0update_19

sunjreMatch5.0update_2

sunjreMatch5.0update_3

sunjreMatch5.0update_4

sunjreMatch5.0update_5

sunjreMatch5.0update_6

sunjreMatch5.0update_7

sunjreMatch5.0update_8

sunjreMatch5.0update_9

sunjreMatch6update_1

sunjreMatch6update_10

sunjreMatch6update_11

sunjreMatch6update_12

sunjreMatch6update_2

sunjreMatch6update_3

sunjreMatch6update_4

sunjreMatch6update_5

sunjreMatch6update_6

sunjreMatch6update_7

sunjreMatch6update_8

sunjreMatch6update_9

VendorProductVersionCPE
sunjdk*cpe:2.3:a:sun:jdk:*:update_13:*:*:*:*:*:*
sunjdk5.0cpe:2.3:a:sun:jdk:5.0:update_1:*:*:*:*:*:*
sunjdk5.0cpe:2.3:a:sun:jdk:5.0:update_10:*:*:*:*:*:*
sunjdk5.0cpe:2.3:a:sun:jdk:5.0:update_11:*:*:*:*:*:*
sunjdk5.0cpe:2.3:a:sun:jdk:5.0:update_12:*:*:*:*:*:*
sunjdk5.0cpe:2.3:a:sun:jdk:5.0:update_13:*:*:*:*:*:*
sunjdk5.0cpe:2.3:a:sun:jdk:5.0:update_14:*:*:*:*:*:*
sunjdk5.0cpe:2.3:a:sun:jdk:5.0:update_15:*:*:*:*:*:*
sunjdk5.0cpe:2.3:a:sun:jdk:5.0:update_16:*:*:*:*:*:*
sunjdk5.0cpe:2.3:a:sun:jdk:5.0:update_17:*:*:*:*:*:*

Vendor	Product	Version	CPE
sun	jdk	*	cpe:2.3:a:sun:jdk::update_13::::::*
sun	jdk	5.0	cpe:2.3:a:sun:jdk:5.0:update_1::::::
sun	jdk	5.0	cpe:2.3:a:sun:jdk:5.0:update_10::::::
sun	jdk	5.0	cpe:2.3:a:sun:jdk:5.0:update_11::::::
sun	jdk	5.0	cpe:2.3:a:sun:jdk:5.0:update_12::::::
sun	jdk	5.0	cpe:2.3:a:sun:jdk:5.0:update_13::::::
sun	jdk	5.0	cpe:2.3:a:sun:jdk:5.0:update_14::::::
sun	jdk	5.0	cpe:2.3:a:sun:jdk:5.0:update_15::::::
sun	jdk	5.0	cpe:2.3:a:sun:jdk:5.0:update_16::::::
sun	jdk	5.0	cpe:2.3:a:sun:jdk:5.0:update_17::::::