CVE-2009-3852

4 documents4 sources

Severity

7.5HIGH

EPSS

0.4%

top 38.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Runtimes FOR Java Technology

Timeline

PublishedNov 3

Latest updateMay 2

Description

Unspecified vulnerability in the XML component in IBM Runtimes for Java Technology 5.0.0 before SR10 has unknown impact and attack vectors, related to the "updated version of XML4J 4.4.17."

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDibm/runtimes5.0.0

🔴Vulnerability Details

GHSA

GHSA-33qq-vjrc-8xw3: Unspecified vulnerability in the XML component in IBM Runtimes for Java Technology 5↗2022-05-02

▶

Kernel

namei: allow restricted O_CREAT of FIFOs and regular files↗2018-08-23

▶

CVEList

CVE-2009-3852: Unspecified vulnerability in the XML component in IBM Runtimes for Java Technology 5↗2009-11-03

▶