CVE-2009-1100 — JDK vulnerability

8 documents6 sources

Severity

5.0MEDIUMNVD

EPSS

7.2%

top 8.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN JDK SUN JRE

Timeline

PublishedMar 25

Latest updateMay 2

Description

Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allow remote attackers to cause a denial of service (disk consumption) via vectors related to temporary font files and (1) "limits on Font creation," aka CR 6522586, and (2) another unspecified vector, aka CR 6632886.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDsun/jdk1.5.0+3

▶NVDsun/jre1.5.0+3

Patches

Patch: sunsolve.sun.com ↗Patch: sunsolve.sun.com ↗Patch: sunsolve.sun.com ↗

🔴Vulnerability Details

GHSA

GHSA-mh7w-frv3-83jh: Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5↗2022-05-02

▶

CVEList

CVE-2009-1100: Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5↗2009-03-25

▶

📋Vendor Advisories

Ubuntu

OpenJDK vulnerabilities↗2009-03-26

▶

Red Hat

OpenJDK: DoS (disk consumption) via handling of temporary font files↗2009-03-23

▶

💬Community

Bugzilla

CVE-2009-1268 Wireshark CHAP dissector crash↗2009-04-09

▶

Bugzilla

CVE-2009-1269 Wireshark Tektronix .rf5 file crash↗2009-04-09

▶

Bugzilla

CVE-2009-1100 OpenJDK: DoS (disk consumption) via handling of temporary font files↗2009-03-26

▶