Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2009-1104
HistoryMar 25, 2009 - 12:00 a.m.

CVE-2009-1104

2009-03-2500:00:00
ubuntu.com
ubuntu.com
13

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.005 Low

EPSS

Percentile

75.9%

JSON

The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime
Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; and
1.4.2_19 and earlier does not prevent Javascript that is loaded from the
localhost from connecting to other ports on the system, which allows
user-assisted attackers to bypass intended access restrictions via
LiveConnect, aka CR 6724331. NOTE: this vulnerability can be leveraged
with separate cross-site scripting (XSS) vulnerabilities for remote attack
vectors.

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchsun-java6< 6.20dlj-0ubuntu1.8.04UNKNOWN
ubuntu9.04noarchsun-java6< 6.20dlj-0ubuntu1.9.04UNKNOWN
ubuntu9.10noarchsun-java6< 6.20dlj-0ubuntu1.9.10UNKNOWN
ubuntu10.04noarchsun-java6< 6.20dlj-1ubuntu3UNKNOWN

Related

prion 1
cve 1
veracode 1
nessus 33
openvas 26
redhat 6
suse 3
vmware 6
gentoo 1
prion
prion
Cross site scripting
2009-03-25 23:30:00
cve
cve
CVE-2009-1104
2009-03-25 23:30:00
veracode
veracode
Access Control Bypass
2020-04-10 00:37:28
nessus
nessus
Solaris 10 (x86) : 118669-61
2018-03-12 00:00:00
Solaris 10 (x86) : 118669-19
2018-03-12 00:00:00
openSUSE Security Update : java-1_5_0-sun (java-1_5_0-sun-698)
2009-07-21 00:00:00
openvas
openvas
SLES10: Security update for IBM Java 5
2009-10-13 00:00:00
SLES10: Security update for IBM Java 5
2009-10-13 00:00:00
SLES9: Security update for IBM Java 5 JRE and IBM Java 5 SDK
2009-10-10 00:00:00
redhat
redhat
(RHSA-2009:0394) Critical: java-1.5.0-sun security update
2009-03-26 00:00:00
(RHSA-2009:1038) Critical: java-1.5.0-ibm security update
2009-05-18 00:00:00
(RHSA-2009:1198) Critical: java-1.6.0-ibm security update
2009-08-06 00:00:00
suse
suse
remote code execution in IBM JDK 5
2009-05-25 13:39:41
remote code execution in java-1_6_0-ibm
2009-07-02 21:55:23
remote code execution in Sun Java 5 and 6
2009-04-03 13:04:22
vmware
vmware
VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues
2009-10-16 00:00:00
VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues
2009-10-16 00:00:00
VMware vCenter update release addresses multiple security issues in Java JRE
2010-01-29 00:00:00
gentoo
gentoo
Sun JDK/JRE: Multiple vulnerabilities
2009-11-17 00:00:00

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.005 Low

EPSS

Percentile

75.9%

JSON
Related for UB:CVE-2009-1104
prion1cve1veracode1nessus33openvas26redhat6suse3vmware6gentoo1