CVE-2009-3879 — JRE vulnerability

6 documents6 sources
Severity
7.5HIGHNVD
EPSS
0.2%
top 54.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SUN JRE
Timeline
PublishedNov 9
Latest updateMay 2

Description

Multiple unspecified vulnerabilities in the (1) X11 and (2) Win32GraphicsDevice subsystems in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and attack vectors, related to failure to clone arrays that are returned by the getConfigurations function, aka Bug Id 6822057.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

â–¶NVDsun/jre1.5.0+3

🔴Vulnerability Details

2
GHSA
GHSA-j25w-hjf5-jg7g: Multiple unspecified vulnerabilities in the (1) X11 and (2) Win32GraphicsDevice subsystems in Sun Java SE 5↗2022-05-02
â–¶
CVEList
CVE-2009-3879: Multiple unspecified vulnerabilities in the (1) X11 and (2) Win32GraphicsDevice subsystems in Sun Java SE 5↗2009-11-09
â–¶

📋Vendor Advisories

2
Ubuntu
OpenJDK vulnerabilities↗2009-11-12
â–¶
Red Hat
OpenJDK GraphicsConfiguration information leak(6822057)↗2009-11-03
â–¶

💬Community

1
Bugzilla
CVE-2009-3879 OpenJDK GraphicsConfiguration information leak(6822057)↗2009-10-22
â–¶
CVE-2009-3879 — SUN JRE vulnerability | cvebase