CVE-2009-3882Sensitive Information Exposure in JDK

CWE-200Sensitive Information Exposure6 documents6 sources
Severity
7.5HIGHNVD
EPSS
0.7%
top 28.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SUN JDKSUN JRE
Timeline
PublishedNov 9
Latest updateMay 2

Description

Multiple unspecified vulnerabilities in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to "information leaks in mutable variables," aka Bug Id 6657026.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDsun/jdk1.5.0+3
NVDsun/jre1.5.0+3

🔴Vulnerability Details

2
GHSA
GHSA-mhx4-mvfp-68gh: Multiple unspecified vulnerabilities in the Swing implementation in Sun Java SE 52022-05-02
CVEList
CVE-2009-3882: Multiple unspecified vulnerabilities in the Swing implementation in Sun Java SE 52009-11-09

📋Vendor Advisories

2
Ubuntu
OpenJDK vulnerabilities2009-11-12
Red Hat
OpenJDK information leaks in mutable variables (6657026,6657138)2009-11-03

💬Community

1
Bugzilla
CVE-2009-3882 CVE-2009-3883 OpenJDK information leaks in mutable variables (6657026,6657138)2009-10-21
CVE-2009-3882 — Sensitive Information Exposure in JDK | cvebase