[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248038

 
 

909

 
 

194772

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2009-3871Date: (C)2009-11-05   (M)2024-02-22


Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1023132
SUNALERT-270474
BID-36881
SECUNIA-37231
SECUNIA-37239
SECUNIA-37386
SECUNIA-37581
SECUNIA-37841
ADV-2009-3131
APPLE-SA-2009-12-03-1
APPLE-SA-2009-12-03-2
GLSA-200911-02
HPSBMU02799
MDVSA-2010:084
RHSA-2009:1694
SSRT100019
SSRT100242
SUSE-SA:2009:058
http://java.sun.com/javase/6/webnotes/6u17.html
http://support.apple.com/kb/HT3969
http://support.apple.com/kb/HT3970
http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html
http://zerodayinitiative.com/advisories/ZDI-09-079/
oval:org.mitre.oval:def:12134
oval:org.mitre.oval:def:6698
oval:org.mitre.oval:def:8275
oval:org.mitre.oval:def:9360

CPE    129
cpe:/o:sun:solaris
cpe:/a:sun:jre:1.3.1_03
cpe:/a:sun:jre:1.3.1_04
cpe:/a:sun:jre:1.3.1_05
...
CWE    1
CWE-119
OVAL    10
oval:org.secpod.oval:def:400070
oval:org.secpod.oval:def:19726
oval:org.secpod.oval:def:101974
oval:org.secpod.oval:def:202085
...

© SecPod Technologies