cpe:/a:sun:jre:1.5.0:update1 cpe:/a:sun:jre:1.5.0:update10 cpe:/a:sun:jre:1.5.0:update11 cpe:/a:sun:jre:1.5.0:update12 cpe:/a:sun:jre:1.5.0:update13 cpe:/a:sun:jre:1.5.0:update14 cpe:/a:sun:jre:1.5.0:update15 cpe:/a:sun:jre:1.5.0:update16 cpe:/a:sun:jre:1.5.0:update17 cpe:/a:sun:jre:1.5.0:update18 cpe:/a:sun:jre:1.5.0:update19 cpe:/a:sun:jre:1.5.0:update2 cpe:/a:sun:jre:1.5.0:update20 cpe:/a:sun:jre:1.5.0:update21 cpe:/a:sun:jre:1.5.0:update3 cpe:/a:sun:jre:1.5.0:update4 cpe:/a:sun:jre:1.5.0:update5 cpe:/a:sun:jre:1.5.0:update6 cpe:/a:sun:jre:1.5.0:update7 cpe:/a:sun:jre:1.5.0:update8 cpe:/a:sun:jre:1.5.0:update9 cpe:/a:sun:jre:1.6.0:update1 cpe:/a:sun:jre:1.6.0:update10 cpe:/a:sun:jre:1.6.0:update11 cpe:/a:sun:jre:1.6.0:update12 cpe:/a:sun:jre:1.6.0:update13 cpe:/a:sun:jre:1.6.0:update14 cpe:/a:sun:jre:1.6.0:update15 cpe:/a:sun:jre:1.6.0:update16 cpe:/a:sun:jre:1.6.0:update2 cpe:/a:sun:jre:1.6.0:update3 cpe:/a:sun:jre:1.6.0:update4 cpe:/a:sun:jre:1.6.0:update5 cpe:/a:sun:jre:1.6.0:update6 cpe:/a:sun:jre:1.6.0:update7 cpe:/a:sun:jre:1.6.0:update8 cpe:/a:sun:jre:1.6.0:update9 cpe:/a:sun:openjdk CVE-2009-3728 2009-11-09T14:30:00.390-05:00 2017-09-18T21:29:44.877-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2009-11-10T12:14:00.000-05:00 SECUNIA 37386 SECUNIA 37581 APPLE APPLE-SA-2009-12-03-1 APPLE APPLE-SA-2009-12-03-2 GENTOO GLSA-200911-02 MANDRIVA MDVSA-2010:084 CONFIRM http://java.sun.com/j2se/1.5.0/ReleaseNotes.html CONFIRM http://java.sun.com/javase/6/webnotes/6u17.html CONFIRM http://support.apple.com/kb/HT3969 CONFIRM http://support.apple.com/kb/HT3970 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=530098 Directory traversal vulnerability in the ICC_Profile.getInstance method in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local International Color Consortium (ICC) profile files via a .. (dot dot) in a pathname, aka Bug Id 6631533.