Lucene search

K
nvd[email protected]NVD:CVE-2009-3728
HistoryNov 09, 2009 - 7:30 p.m.

CVE-2009-3728

2009-11-0919:30:00
CWE-22
web.nvd.nist.gov
7

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6

Confidence

Low

EPSS

0.007

Percentile

80.3%

Directory traversal vulnerability in the ICC_Profile.getInstance method in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local International Color Consortium (ICC) profile files via a … (dot dot) in a pathname, aka Bug Id 6631533.

Affected configurations

Nvd
Node
sunjreMatch1.5.0update1
OR
sunjreMatch1.5.0update10
OR
sunjreMatch1.5.0update11
OR
sunjreMatch1.5.0update12
OR
sunjreMatch1.5.0update13
OR
sunjreMatch1.5.0update14
OR
sunjreMatch1.5.0update15
OR
sunjreMatch1.5.0update16
OR
sunjreMatch1.5.0update17
OR
sunjreMatch1.5.0update18
OR
sunjreMatch1.5.0update19
OR
sunjreMatch1.5.0update2
OR
sunjreMatch1.5.0update20
OR
sunjreMatch1.5.0update21
OR
sunjreMatch1.5.0update3
OR
sunjreMatch1.5.0update4
OR
sunjreMatch1.5.0update5
OR
sunjreMatch1.5.0update6
OR
sunjreMatch1.5.0update7
OR
sunjreMatch1.5.0update8
OR
sunjreMatch1.5.0update9
OR
sunjreMatch1.6.0update_1
OR
sunjreMatch1.6.0update_2
OR
sunjreMatch1.6.0update_3
OR
sunjreMatch1.6.0update10
OR
sunjreMatch1.6.0update11
OR
sunjreMatch1.6.0update12
OR
sunjreMatch1.6.0update13
OR
sunjreMatch1.6.0update14
OR
sunjreMatch1.6.0update15
OR
sunjreMatch1.6.0update16
OR
sunjreMatch1.6.0update4
OR
sunjreMatch1.6.0update5
OR
sunjreMatch1.6.0update6
OR
sunjreMatch1.6.0update7
OR
sunjreMatch1.6.0update8
OR
sunjreMatch1.6.0update9
OR
sunopenjdk
VendorProductVersionCPE
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*
Rows per page:
1-10 of 381

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6

Confidence

Low

EPSS

0.007

Percentile

80.3%