Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2843

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2009-2843
Last Modified 04 Jan 2011 12:00:00
Published 08 Dec 2009 12:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-2843

Summary

Java for Mac OS X 10.5 before Update 6 and 10.6 before Update 1 accepts expired certificates for applets, which makes it easier for remote attackers to execute arbitrary code via an applet.

Vulnerable Systems

Operating System

  • Apple Mac Os X 10.5.8

  • Apple Mac Os X Server 10.5.8


References

BID - 37206

CONFIRM - http://support.apple.com/kb/HT3970

CONFIRM - http://support.apple.com/kb/HT3969

APPLE - APPLE-SA-2009-12-03-2

APPLE - APPLE-SA-2009-12-03-1

SECUNIA - 37581

Related Patches

Apple 2009-12-03 Java for Mac OS X 10.6 Update 1

Apple 2009-12-03 Java for Mac OS X 10.5 Update 6


Last Updated: 27 May 2016 10:51:02