Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1105

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2009-1105
Last Modified 21 Aug 2010 01:31:29
Published 25 Mar 2009 07:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-1105

Summary

The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 allows user-assisted remote attackers to cause a trusted applet to run in an older JRE version, which can be used to exploit vulnerabilities in that older version, aka CR 6706490.

Vulnerable Systems

Application

  • Sun Java


References

SUNALERT - 254611

REDHAT - RHSA-2009:1198

XF - jre-plugin-weak-security(49458)

VUPEN - ADV-2010-1191

VUPEN - ADV-2009-3316

VUPEN - ADV-2009-1426

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2009-0016.html

SECTRACK - 1021920

BID - 34240

BUGTRAQ - 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components

REDHAT - RHSA-2009:1038

REDHAT - RHSA-2009:0392

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm

CONFIRM - http://support.apple.com/kb/HT4171

GENTOO - GLSA-200911-02

SECUNIA - 39819

SECUNIA - 37460

SECUNIA - 37386

SECUNIA - 36185

SECUNIA - 35255

SECUNIA - 35156

SECUNIA - 34496

HP - HPSBUX02429

SUSE - SUSE-SA:2009:036

SUSE - SUSE-SA:2009:016

APPLE - APPLE-SA-2010-05-18-1

HP - SSRT090058

HP - HPSBMA02429


Last Updated: 27 May 2016 10:51:56