CVE-2009-3866JDK vulnerability

CWE-2646 documents5 sources
Severity
9.3CRITICALNVD
EPSS
5.7%
top 9.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SUN JDKSUN JRE
Timeline
PublishedNov 5
Latest updateMay 2

Description

The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Update 17 does not properly use security model permissions when removing installer extensions, which allows remote attackers to execute arbitrary code by modifying a certain JNLP file to have a URL field that points to an unintended trusted application, aka Bug Id 6872824.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDsun/jdk1.6.0
NVDsun/jre1.6.0

Patches

Patch: sunsolve.sun.comPatch: www.vupen.comPatch: zerodayinitiative.com

🔴Vulnerability Details

2
GHSA
GHSA-768x-w4jc-f2gp: The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Update 17 does not properly use security model permissions when removing installer2022-05-02
CVEList
CVE-2009-3866: The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Update 17 does not properly use security model permissions when removing installer2009-11-05

📋Vendor Advisories

1
Red Hat
java-1.6.0-sun: Privilege escalation in the Java Web Start Installer (6872824)2009-11-03

💬Community

2
Bugzilla
CVE-2009-3866 java-1.6.0-sun: Privilege escalation in the Java Web Start Installer (6872824)2009-11-05
Bugzilla
CVE-2009-3866 JRE arbitary code execution using java web start (6872824)2009-11-04
CVE-2009-3866 — SUN JDK vulnerability | cvebase