Java Se@5.0 Security Vulnerabilities and Issues — Java Se@5.0 CVE List

Lucene search

SunJava Se5.0

6 matches found

CVE•added 2009/08/10 6:30 p.m.•97 views

CVE-2009-2475

Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to (1) LayoutQueue, (2) Cursor.predefined, (3) AccessibleResource...

7.8CVSS5.8AI score0.11393EPSS

CVE•added 2009/08/10 8:30 p.m.•93 views

CVE-2009-2721

Multiple unspecified vulnerabilities in the Provider class in Sun Java SE 5.0 before Update 20 have unknown impact and attack vectors, aka BugId 6406003.

10CVSS7.5AI score0.01153EPSS

CVE•added 2009/08/10 8:30 p.m.•85 views

CVE-2009-2723

Unspecified vulnerability in deserialization in the Provider class in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, aka BugId 6444262.

10CVSS7.3AI score0.04597EPSS

CVE•added 2009/08/10 8:30 p.m.•83 views

CVE-2009-2722

Multiple unspecified vulnerabilities in the Provider class in Sun Java SE 5.0 before Update 20 have unknown impact and attack vectors, aka BugId 6429594. NOTE: this issue exists because of an incorrect fix for BugId 6406003.

10CVSS7.5AI score0.04201EPSS

CVE•added 2009/08/10 8:30 p.m.•83 views

CVE-2009-2724

Race condition in the java.lang package in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, related to a "3Y Race condition in reflection checks."

9.3CVSS7.2AI score0.0054EPSS

CVE•added 2009/08/10 6:30 p.m.•79 views

CVE-2009-2689

JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application.

10CVSS5.4AI score0.07928EPSS