Executive Summary

Informations
NameCVE-2009-2676First vendor Publication2009-08-05
VendorCveLast vendor Modification2012-10-22

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score6.8Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityMedium
Cvss Expoit Score8.6AuthentificationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE 5.0 Update 19 and earlier; and Java SE for Business in SDK and JRE 1.4.2_21 and earlier; allows remote attackers to create or modify arbitrary files via vectors involving an untrusted Java applet that accesses an old version of JNLPAppletLauncher.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2676

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:8453
 
Oval ID: oval:org.mitre.oval:def:8453
Title: HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
Description: Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE 5.0 Update 19 and earlier; and Java SE for Business in SDK and JRE 1.4.2_21 and earlier; allows remote attackers to create or modify arbitrary files via vectors involving an untrusted Java applet that accesses an old version of JNLPAppletLauncher.
Family: unix Class: vulnerability
Reference(s): CVE-2009-2676
 Version: 3
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application2
Application33
Application67
Application35

Open Source Vulnerability Database (OSVDB)

idDescription
57431Sun Java JDK / JRE JNLPAppletlauncher Unspecified Arbitrary File Manipulation

Internal Sources (Detail)

SourceUrl
BIDhttp://www.securityfocus.com/bid/35946
BUGTRAQhttp://www.securityfocus.com/archive/1/archive/1/507985/100/0/threaded
CERThttp://www.us-cert.gov/cas/techalerts/TA09-294A.html
CONFIRMhttp://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1
http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
GENTOOhttp://security.gentoo.org/glsa/glsa-200911-02.xml
HPhttp://marc.info/?l=bugtraq&m=125787273209737&w=2
http://marc.info/?l=bugtraq&m=125787273209737&w=2
OSVDBhttp://osvdb.org/56789
REDHAThttps://rhn.redhat.com/errata/RHSA-2009-1199.html
https://rhn.redhat.com/errata/RHSA-2009-1200.html
SECTRACKhttp://www.securitytracker.com/id?1022657
SECUNIAhttp://secunia.com/advisories/36176
http://secunia.com/advisories/36199
http://secunia.com/advisories/36248
http://secunia.com/advisories/37300
http://secunia.com/advisories/37386
http://secunia.com/advisories/37460
SUNALERThttp://sunsolve.sun.com/search/document.do?assetkey=1-66-263490-1
SUSEhttp://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html
VUPENhttp://www.vupen.com/english/advisories/2009/3316

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2013-05-10 23:55:08
  • Multiple Updates