CVE-2009-2843Apple MAC OS X vulnerability

CWE-3103 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
1.0%
top 22.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MAC OS XApple MAC OS X Server
Timeline
PublishedDec 8
Latest updateMay 2

Description

Java for Mac OS X 10.5 before Update 6 and 10.6 before Update 1 accepts expired certificates for applets, which makes it easier for remote attackers to execute arbitrary code via an applet.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDapple/mac_os_x10.5.8

Patches

Patch: lists.apple.comPatch: lists.apple.comPatch: support.apple.com

🔴Vulnerability Details

2
GHSA
GHSA-vw7w-hxgp-f22h: Java for Mac OS X 102022-05-02
CVEList
CVE-2009-2843: Java for Mac OS X 102009-12-08
CVE-2009-2843 — Apple MAC OS X vulnerability | cvebase