Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2009-3864 | First vendor Publication | 2009-11-05 |
Vendor | Cve | Last vendor Modification | 2018-10-30 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The Java Update functionality in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22 and JDK and JRE 6 before Update 17, when a non-English version of Windows is used, does not retrieve available new JRE versions, which allows remote attackers to leverage vulnerabilities in older releases of this software, aka Bug Id 6869694. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3864 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:6753 | |||
Oval ID: | oval:org.mitre.oval:def:6753 | ||
Title: | Sun Java Updates Availability Notification System Failure | ||
Description: | The Java Update functionality in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22 and JDK and JRE 6 before Update 17, when a non-English version of Windows is used, does not retrieve available new JRE versions, which allows remote attackers to leverage vulnerabilities in older releases of this software, aka Bug Id 6869694. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3864 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-11-23 | Name : Sun Java SE Multiple Vulnerabilities - Nov09 (Win) File : nvt/secpod_sun_java_se_mult_vuln_nov09_win.nasl |
2009-11-23 | Name : SuSE Security Advisory SUSE-SA:2009:058 (java-1_6_0-sun) File : nvt/suse_sa_2009_058.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
59718 | Sun Java JDK / JRE on Windows Update Notification Weakness |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Oracle Java runtime JPEGImageReader overflow attempt RuleID : 20055 - Revision : 11 - Type : FILE-JAVA |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0002_remote.nasl - Type : ACT_GATHER_INFO |
2013-02-22 | Name : The remote Unix host contains a runtime environment that is affected by multi... File : sun_java_jre_269868_unix.nasl - Type : ACT_GATHER_INFO |
2010-03-31 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0002.nasl - Type : ACT_GATHER_INFO |
2009-11-19 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_java-1_6_0-sun-091113.nasl - Type : ACT_GATHER_INFO |
2009-11-19 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_java-1_6_0-sun-091113.nasl - Type : ACT_GATHER_INFO |
2009-11-19 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_java-1_6_0-sun-091113.nasl - Type : ACT_GATHER_INFO |
2009-11-19 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-sun-091113.nasl - Type : ACT_GATHER_INFO |
2009-11-11 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_java-1_5_0-sun-091109.nasl - Type : ACT_GATHER_INFO |
2009-11-11 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_java-1_5_0-sun-091109.nasl - Type : ACT_GATHER_INFO |
2009-11-04 | Name : The remote Windows host contains a runtime environment that is affected by mu... File : sun_java_jre_269868.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2020-05-23 00:24:31 |
|
2018-10-31 00:19:59 |
|
2017-09-19 09:23:28 |
|
2016-06-28 17:53:06 |
|
2016-04-26 19:14:17 |
|
2016-03-09 13:25:54 |
|
2014-02-17 10:52:11 |
|
2014-01-19 21:26:17 |
|
2013-05-11 00:00:09 |
|