CVE-2009-3864

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2009-3864
The Java Update functionality in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22 and JDK and JRE 6 before Update 17, when a non-English version of Windows is used, does not retrieve available new JRE versions, which allows remote attackers to leverage vulnerabilities in older releases of this software, aka Bug Id 6869694.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://java.sun.com/javase/6/webnotes/6u17.html
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00010.html
http://secunia.com/advisories/37231 Vendor Advisory
http://secunia.com/advisories/37239
http://sunsolve.sun.com/search/document.do?assetkey=1-66-269868-1 Patch Vendor Advisory
http://www.securityfocus.com/bid/36881 Patch
http://www.vupen.com/english/advisories/2009/3131 Patch Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6753
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
OR cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update10:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update11:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update12:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update13:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update14:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update15:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update16:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update3:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update4:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update5:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update6:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update7:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update8:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update9:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update10:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update11:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update12:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update13:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update14:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update15:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update16:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update4:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update5:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update6:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update7:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update8:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update9:*:*:*:*:*:*
History

No history.

Information

Published : 2009-11-05 16:30

Updated : 2024-02-04 17:33

NVD link : CVE-2009-3864

Mitre link : CVE-2009-3864

CVE.ORG link : CVE-2009-3864

JSON object : View

Products Affected

microsoft

  • windows

sun

  • jre
  • jdk
CWE
NVD-CWE-Other