This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

CPE Name: cpe:/a:sun:jdk:6:update_9

Detail
Vendor: Sun | First view: 2008-12-04
Product: Jdk | Last view: 2009-08-06
Version: 6 | Type: Application
Edition:
Language:
Update: update_9

CPE Product: cpe:/a:sun:jdk

Related : CVE

CVSS | Date | Alert | Access Vector | Access Complexity | Authentication
5 | 2009-08-06 | CVE-2009-2625 | Network | Low | None Requ...
10 | 2009-08-05 | CVE-2009-2675 | Network | Low | None Requ...
7.5 | 2009-08-05 | CVE-2009-2674 | Network | Low | None Requ...
7.5 | 2009-08-05 | CVE-2009-2673 | Network | Low | None Requ...
7.5 | 2009-08-05 | CVE-2009-2672 | Network | Low | None Requ...
5 | 2009-08-05 | CVE-2009-2671 | Network | Low | None Requ...
5 | 2009-08-05 | CVE-2009-2670 | Network | Low | None Requ...
6.4 | 2008-12-05 | CVE-2008-5360 | Network | Low | None Requ...
9.3 | 2008-12-05 | CVE-2008-5359 | Network | Medium | None Requ...
9.3 | 2008-12-05 | CVE-2008-5357 | Network | Medium | None Requ...
9.3 | 2008-12-05 | CVE-2008-5356 | Network | Medium | None Requ...
10 | 2008-12-05 | CVE-2008-5355 | Network | Low | None Requ...
9.3 | 2008-12-05 | CVE-2008-5354 | Network | Medium | None Requ...
10 | 2008-12-05 | CVE-2008-5353 | Network | Low | None Requ...
7.5 | 2008-12-05 | CVE-2008-5351 | Network | Low | None Requ...
5 | 2008-12-05 | CVE-2008-5350 | Network | Low | None Requ...
7.1 | 2008-12-05 | CVE-2008-5348 | Network | Medium | None Requ...
7.5 | 2008-12-05 | CVE-2008-5345 | Network | Low | None Requ...
7.5 | 2008-12-05 | CVE-2008-5344 | Network | Low | None Requ...
9 | 2008-12-05 | CVE-2008-5343 | Network | Low | None Requ...
5 | 2008-12-05 | CVE-2008-5342 | Network | Low | None Requ...
5 | 2008-12-05 | CVE-2008-5341 | Network | Low | None Requ...
10 | 2008-12-05 | CVE-2008-5340 | Network | Low | None Requ...
5 | 2008-12-05 | CVE-2008-5339 | Network | Low | None Requ...

CWE : Common Weakness Enumeration

% | id | Name
47% (8) | CWE-264 | Permissions, Privileges, and Access Controls
17% (3) | CWE-200 | Information Exposure
17% (3) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer
5% (1) | CWE-287 | Improper Authentication
5% (1) | CWE-189 | Numeric Errors
5% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection')

Oval Markup Language : Definitions

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
OvalID | Name
oval:org.mitre.oval:def:6249 | Sun Java Web Start and Java Plug-in applet class security bypass
oval:org.mitre.oval:def:8022 | HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other...
oval:org.mitre.oval:def:11326 | The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 befor...
oval:org.mitre.oval:def:6409 | Multiple Security Vulnerabilities in Java Web Start and Java Plug-in May Allo...
oval:org.mitre.oval:def:6529 | Java Runtime Environment (JRE) Buffer Overflow in Processing Image Files and ...
oval:org.mitre.oval:def:6627 | Sun Java Multiple Code Execution and Security Bypass Vulnerabilities
oval:org.mitre.oval:def:5841 | Sun Java Runtime Environment image processing code buffer overflow
oval:org.mitre.oval:def:5924 | Sun Java Web Start and Java Plug-in JAR File Privilege Escalation Vulnerability
oval:org.mitre.oval:def:6549 | Sun Java Runtime Environment and Java Development Kit Multiple Security Vulne...
oval:org.mitre.oval:def:5664 | Sun Java Runtime Environment Java Update Fails to Validate Digital Signatures
oval:org.mitre.oval:def:6505 | Sun Java Runtime Environment TrueType font integer overflow
oval:org.mitre.oval:def:6596 | Sun Java Runtime Environment temporary files weak security
oval:org.mitre.oval:def:13408 | USN-713-1 -- openjdk-6 vulnerabilities
oval:org.mitre.oval:def:22731 | ELSA-2009:0015: java-1.6.0-ibm security update (Critical)
oval:org.mitre.oval:def:22521 | ELSA-2008:1025: java-1.5.0-sun security update (Critical)
oval:org.mitre.oval:def:22263 | ELSA-2008:1018: java-1.6.0-sun security update (Critical)
oval:org.mitre.oval:def:22126 | ELSA-2009:0016: java-1.5.0-ibm security update (Critical)
oval:org.mitre.oval:def:21870 | ELSA-2009:0445: java-1.4.2-ibm security update (Critical)
oval:org.mitre.oval:def:6494 | Sun Java Runtime Environment TrueType font buffer overflow
oval:org.mitre.oval:def:5601 | Java Web Start Bugs Let Remote Users Read/Write Files, Execute Arbitrary Code...
oval:org.mitre.oval:def:9356 | XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environme...
oval:org.mitre.oval:def:8520 | HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other...
oval:org.mitre.oval:def:8045 | DSA-1921 expat -- denial of service
oval:org.mitre.oval:def:7306 | DSA-1984 libxerces2-java -- denial of service
oval:org.mitre.oval:def:21986 | RHSA-2011:0858: xerces-j2 security update (Moderate)

SAINT Exploits

Description | Link
Java Runtime Environment JAR manifest Main Class buffer overflow | More info here

Open Source Vulnerability Database (OSVDB)

id | Description
56984 | Apache Xerces2 Java Malformed XML Input DoS
56788 | Sun Java JDK / JRE Audio System Unauthorized java.lang.System Properties Access
56787 | Sun Java JDK / JRE WebStart (javaws.exe) JPEG Decompression Overflow
56786 | Sun Java JDK / JRE Pack200 JAR File Decoding Inner Class Count Overflow
56785 | Sun Java JDK / JRE Proxy Mechanism Implementation Arbitrary Host Connection
56784 | Sun Java JDK / JRE Proxy Mechanism Implementation Unauthorized Browser Cookie...
56783 | Sun Java JDK / JRE SOCKS Proxy Implementation Applet Process Owner Disclosure
50517 | Sun Java JDK / JRE TrueType Font Processing Integer Overflow
50516 | Sun Java JDK / JRE TrueType Font Processing Heap Overflow
50514 | Sun Java JDK / JRE Java Web Start BasicService Arbitrary File Access
50513 | Sun Java JDK / JRE Applet Classloading Privilege Escalation
50512 | Sun Java JDK / JRE Java Web Start / Plug-in HTTP Session Hijacking
50511 | Sun Java JDK / JRE Java Web Start SingleInstanceImpl Class SI_FILEDIR Propert...
50510 | Sun Java JDK / JRE Java Web Start (JWS) JNLP File System Properties Override ...
50509 | Sun Java JDK / JRE Java Web Start Application file: Protocol Arbitrary File A...
50508 | Sun Java JRE LocalHost Network Access Restriction Bypass
50505 | Sun Java JDK / JRE Kerberos Authentication Unspecified Remote DoS
50503 | Sun Java JDK / JRE Untrusted Applet User Home Directory Content Listing
50502 | Sun Java JDK / JRE UTF-8 Decoder Non-shortest Form Sequence Handling Weakness
50500 | Sun Java JDK / JRE Deserializing Calendar Object Privilege Escalation
50499 | Sun Java JDK / JRE Command Line Application Overflow
50498 | Sun Java JDK / JRE Java Update Mechanism Digital Signature Verification Weakness
50497 | Sun Java JDK / JRE Java Web Start Application JNLP File Handling Socket Restr...
50496 | Sun Java JDK / JRE Java AWT Library ConvolveOp Operation Image Handling Overflow
50495 | Sun Java JDK / JRE Environment Temporary File Name Prediction Weakness

ExploitDB Exploits

id | Description
16302 | Signed Applet Social Engineering Code Exec
16293 | Sun Java Calendar Deserialization Exploit
9948 | Sun Java Runtime and Development Kit <= 6 update 10 Calendar Deserializati...
8753 | Mac OS X Java applet Remote Deserialization Remote PoC (updated)

OpenVAS Exploits

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Date | Name | File
2012-06-06 | RedHat Update for xerces-j2 RHSA-2011:0858-01 | nvt/gb_RHSA-2011_0858-01_xerces-j2.nasl
2011-08-09 | CentOS Update for xerces-j2 CESA-2009:1615 centos5 i386 | nvt/gb_CESA-2009_1615_xerces-j2_centos5_i386.nasl
2011-08-09 | CentOS Update for java CESA-2009:1201 centos5 i386 | nvt/gb_CESA-2009_1201_java_centos5_i386.nasl
2011-06-20 | Mandriva Update for xerces-j2 MDVSA-2011:108 (xerces-j2) | nvt/gb_mandriva_MDVSA_2011_108.nasl
2010-10-10 | FreeBSD Ports: apr | nvt/freebsd_apr0.nasl
2010-05-28 | Java for Mac OS X 10.5 Update 3 | nvt/macosx_java_for_10_5_upd_3.nasl
2010-05-28 | Java for Mac OS X 10.5 Update 4 | nvt/macosx_java_for_10_5_upd_4.nasl
2010-05-28 | Java for Mac OS X 10.5 Update 5 | nvt/macosx_java_for_10_5_upd_5.nasl
2010-04-16 | Ubuntu Update for cmake vulnerabilities USN-890-6 | nvt/gb_ubuntu_USN_890_6.nasl
2010-02-19 | Ubuntu Update for xmlrpc-c vulnerabilities USN-890-5 | nvt/gb_ubuntu_USN_890_5.nasl
2010-01-29 | Ubuntu Update for python-xml vulnerabilities USN-890-4 | nvt/gb_ubuntu_USN_890_4.nasl
2010-01-25 | Ubuntu Update for python2.4 vulnerabilities USN-890-3 | nvt/gb_ubuntu_USN_890_3.nasl
2010-01-22 | Ubuntu Update for expat vulnerabilities USN-890-1 | nvt/gb_ubuntu_USN_890_1.nasl
2010-01-22 | Ubuntu Update for python2.5 vulnerabilities USN-890-2 | nvt/gb_ubuntu_USN_890_2.nasl
2010-01-15 | Mandriva Update for davfs MDVSA-2009:220-1 (davfs) | nvt/gb_mandriva_MDVSA_2009_220_1.nasl
2010-01-15 | Mandriva Update for expat MDVSA-2009:316-1 (expat) | nvt/gb_mandriva_MDVSA_2009_316_1.nasl
2010-01-15 | Mandriva Update for expat MDVSA-2009:316-2 (expat) | nvt/gb_mandriva_MDVSA_2009_316_2.nasl
2010-01-15 | Mandriva Update for expat MDVSA-2009:316-3 (expat) | nvt/gb_mandriva_MDVSA_2009_316_3.nasl
2009-12-30 | CentOS Security Advisory CESA-2009:1615 (xerces-j2) | nvt/ovcesa2009_1615.nasl
2009-12-10 | Mandriva Security Advisory MDVSA-2009:211-1 (expat) | nvt/mdksa_2009_211_1.nasl
2009-12-10 | Mandriva Security Advisory MDVSA-2009:212-1 (python) | nvt/mdksa_2009_212_1.nasl
2009-12-10 | Mandriva Security Advisory MDVSA-2009:213-1 (wxgtk) | nvt/mdksa_2009_213_1.nasl
2009-12-10 | Mandriva Security Advisory MDVSA-2009:215-1 (audacity) | nvt/mdksa_2009_215_1.nasl
2009-12-10 | Mandriva Security Advisory MDVSA-2009:217-3 (mozilla-thunderbird) | nvt/mdksa_2009_217_3.nasl
2009-12-10 | Mandriva Security Advisory MDVSA-2009:218-1 (w3c-libwww) | nvt/mdksa_2009_218_1.nasl

Information Assurance Vulnerability Management (IAVM)

id | Description | Severity | VMSKEY
2009-A-0105 | Multiple Vulnerabilities in VMware Products | Category I | V0021867

Snort® IPS/IDS

Date | Description | RuleID | Type | Revision
2014-01-10 | Phoenix exploit kit post-compromise behavior | 21860 | MALWARE-CNC | 4
2014-01-10 | Phoenix exploit kit landing page | 21640 | EXPLOIT-KIT | 5
2014-01-10 | Oracle Java calendar deserialize vulnerability | 20238 | SERVER-OTHER | 4
2014-01-10 | Oracle Java Runtime Environment JAR File Processing Stack Buffer Overflow | 17563 | FILE-JAVA | 12
2014-01-10 | Oracle Java Web Start Splashscreen GIF decoding buffer overflow attempt | 17395 | FILE-IMAGE | 14

Nessus® Vulnerability Scanner

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Date | Name | File | Type
2016-11-30 | The remote FreeBSD host is missing a security-related update. | freebsd_pkg_18449f92ab3911e68011005056925db4.nasl | ACT_GATHER_INFO
2016-03-08 | The remote VMware ESX host is missing a security-related patch. | vmware_VMSA-2010-0002_remote.nasl | ACT_GATHER_INFO
2016-03-03 | The remote host is missing a security-related patch. | vmware_VMSA-2009-0014_remote.nasl | ACT_GATHER_INFO
2016-03-03 | The remote host is missing a security-related patch. | vmware_VMSA-2009-0016_remote.nasl | ACT_GATHER_INFO
2014-12-15 | The remote device is missing a vendor-supplied security patch. | f5_bigip_SOL15905.nasl | ACT_GATHER_INFO
2014-11-08 | The remote Red Hat host is missing a security update. | redhat-RHSA-2012-1537.nasl | ACT_GATHER_INFO
2013-07-12 | The remote Oracle Linux host is missing one or more security updates. | oraclelinux_ELSA-2009-1615.nasl | ACT_GATHER_INFO
2013-07-12 | The remote Oracle Linux host is missing one or more security updates. | oraclelinux_ELSA-2011-0858.nasl | ACT_GATHER_INFO
2013-07-12 | The remote Oracle Linux host is missing one or more security updates. | oraclelinux_ELSA-2009-1201.nasl | ACT_GATHER_INFO
2013-02-22 | The remote Unix host contains a runtime environment that is affected by multi... | sun_java_jre_244986_unix.nasl | ACT_GATHER_INFO
2013-02-22 | The remote Unix host contains a runtime environment that is affected by multi... | sun_java_jre_263408_unix.nasl | ACT_GATHER_INFO
2013-01-24 | The remote Red Hat host is missing one or more security updates. | redhat-RHSA-2009-1636.nasl | ACT_GATHER_INFO
2013-01-24 | The remote Red Hat host is missing one or more security updates. | redhat-RHSA-2009-1637.nasl | ACT_GATHER_INFO
2013-01-24 | The remote Red Hat host is missing one or more security updates. | redhat-RHSA-2009-1649.nasl | ACT_GATHER_INFO
2013-01-24 | The remote Red Hat host is missing one or more security updates. | redhat-RHSA-2009-1650.nasl | ACT_GATHER_INFO
2012-08-01 | The remote Scientific Linux host is missing one or more security updates. | sl_20090117_java__jdk_1_6_0__on_SL4_x.nasl | ACT_GATHER_INFO
2012-08-01 | The remote Scientific Linux host is missing one or more security updates. | sl_20110608_xerces_j2_on_SL6_x.nasl | ACT_GATHER_INFO
2012-08-01 | The remote Scientific Linux host is missing one or more security updates. | sl_20090806_java_1_6_0_openjdk_on_SL5_3.nasl | ACT_GATHER_INFO
2012-08-01 | The remote Scientific Linux host is missing one or more security updates. | sl_20090824_java__jdk_1_6_0__on_SL4_x.nasl | ACT_GATHER_INFO
2012-08-01 | The remote Scientific Linux host is missing one or more security updates. | sl_20091130_xerces_j2_on_SL5_x.nasl | ACT_GATHER_INFO
2011-06-14 | The remote Mandriva Linux host is missing one or more security updates. | mandriva_MDVSA-2011-108.nasl | ACT_GATHER_INFO
2011-06-09 | The remote Red Hat host is missing one or more security updates. | redhat-RHSA-2011-0858.nasl | ACT_GATHER_INFO
2011-04-23 | The remote Red Hat host is missing one or more security updates. | redhat-RHSA-2009-1662.nasl | ACT_GATHER_INFO
2011-02-11 | The remote Slackware host is missing a security update. | Slackware_SSA_2011-041-02.nasl | ACT_GATHER_INFO
2011-01-27 | The remote SuSE 10 host is missing a security-related patch. | suse_libicecore-6857.nasl | ACT_GATHER_INFO