5

CVE-2009-1100

EPSS 7.19%
Published 25.03.2009 23:30:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allow remote attackers to cause a denial of service (disk consumption) via vectors related to temporary font files and (1) "limits on Font creation," aka CR 6522586, and (2) another unspecified vector, aka CR 6632886.

Affected products Warnungen 0 Metrics 2 CWE 0 References 38

Data is provided by the National Vulnerability Database (NVD)

Sun ≫ Jdk Updateupdate17 Version <= 1.5.0

Sun ≫ Jdk Version1.5.0

Sun ≫ Jdk Version1.5.0 Updateupdate1

Sun ≫ Jdk Version1.5.0 Updateupdate10

Sun ≫ Jdk Version1.5.0 Updateupdate11

Sun ≫ Jdk Version1.5.0 Updateupdate11_b03

Sun ≫ Jdk Version1.5.0 Updateupdate12

Sun ≫ Jdk Version1.5.0 Updateupdate13

Sun ≫ Jdk Version1.5.0 Updateupdate14

Sun ≫ Jdk Version1.5.0 Updateupdate15

Sun ≫ Jdk Version1.5.0 Updateupdate16

Sun ≫ Jdk Version1.5.0 Updateupdate2

Sun ≫ Jdk Version1.5.0 Updateupdate3

Sun ≫ Jdk Version1.5.0 Updateupdate4

Sun ≫ Jdk Version1.5.0 Updateupdate5

Sun ≫ Jdk Version1.5.0 Updateupdate6

Sun ≫ Jdk Version1.5.0 Updateupdate7

Sun ≫ Jdk Version1.5.0 Updateupdate7_b03

Sun ≫ Jdk Version1.5.0 Updateupdate8

Sun ≫ Jdk Version1.5.0 Updateupdate9

Sun ≫ Jre Updateupdate17 Version <= 1.5.0

Sun ≫ Jre Version1.5.0

Sun ≫ Jre Version1.5.0 Updateupdate1

Sun ≫ Jre Version1.5.0 Updateupdate10

Sun ≫ Jre Version1.5.0 Updateupdate11

Sun ≫ Jre Version1.5.0 Updateupdate12

Sun ≫ Jre Version1.5.0 Updateupdate13

Sun ≫ Jre Version1.5.0 Updateupdate14

Sun ≫ Jre Version1.5.0 Updateupdate15

Sun ≫ Jre Version1.5.0 Updateupdate16

Sun ≫ Jre Version1.5.0 Updateupdate2

Sun ≫ Jre Version1.5.0 Updateupdate3

Sun ≫ Jre Version1.5.0 Updateupdate4

Sun ≫ Jre Version1.5.0 Updateupdate5

Sun ≫ Jre Version1.5.0 Updateupdate6

Sun ≫ Jre Version1.5.0 Updateupdate7

Sun ≫ Jre Version1.5.0 Updateupdate8

Sun ≫ Jre Version1.5.0 Updateupdate9

Sun ≫ Jdk Updateupdate_12 Version <= 1.6.0

Sun ≫ Jdk Version1.6.0

Sun ≫ Jdk Version1.6.0 Updateupdate_10

Sun ≫ Jdk Version1.6.0 Updateupdate_11

Sun ≫ Jdk Version1.6.0 Updateupdate_3

Sun ≫ Jdk Version1.6.0 Updateupdate_4

Sun ≫ Jdk Version1.6.0 Updateupdate_5

Sun ≫ Jdk Version1.6.0 Updateupdate_6

Sun ≫ Jdk Version1.6.0 Updateupdate_7

Sun ≫ Jdk Version1.6.0 Updateupdate1

Sun ≫ Jdk Version1.6.0 Updateupdate1_b06

Sun ≫ Jdk Version1.6.0 Updateupdate2

Sun ≫ Jre Updateupdate_12 Version <= 1.6.0

Sun ≫ Jre Version1.6.0

Sun ≫ Jre Version1.6.0 Updateupdate_1

Sun ≫ Jre Version1.6.0 Updateupdate_10

Sun ≫ Jre Version1.6.0 Updateupdate_11

Sun ≫ Jre Version1.6.0 Updateupdate_2

Sun ≫ Jre Version1.6.0 Updateupdate_3

Sun ≫ Jre Version1.6.0 Updateupdate_4

Sun ≫ Jre Version1.6.0 Updateupdate_5

Sun ≫ Jre Version1.6.0 Updateupdate_6

Sun ≫ Jre Version1.6.0 Updateupdate_7

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	7.19%	0.912

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

http://secunia.com/advisories/34489

http://secunia.com/advisories/34495

http://secunia.com/advisories/34496

http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm

http://support.avaya.com/elmodocs2/security/ASA-2009-109.htm

http://www.redhat.com/support/errata/RHSA-2009-0392.html

http://www.redhat.com/support/errata/RHSA-2009-0394.html

http://www.ubuntu.com/usn/usn-748-1

http://www.securityfocus.com/archive/1/507985/100/0/threaded

http://www.vmware.com/security/advisories/VMSA-2009-0016.html

http://www.vupen.com/english/advisories/2009/3316

http://secunia.com/advisories/37460

http://secunia.com/advisories/37386

http://security.gentoo.org/glsa/glsa-200911-02.xml

http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html

http://secunia.com/advisories/35416

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133

http://secunia.com/advisories/35255

http://www.vupen.com/english/advisories/2009/1426

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00003.html

http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html

http://marc.info/?l=bugtraq&m=124344236532162&w=2

http://secunia.com/advisories/35156

http://secunia.com/advisories/35223

http://secunia.com/advisories/35776

http://secunia.com/advisories/36185

http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-19-1

Patch

http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html

http://www.redhat.com/support/errata/RHSA-2009-1038.html

http://www.securityfocus.com/bid/34240

https://rhn.redhat.com/errata/RHSA-2009-1198.html

http://sunsolve.sun.com/search/document.do?assetkey=1-66-254608-1

Patch

Vendor Advisory

http://www.securitytracker.com/id?1021917

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6224

https://nvd.nist.gov/vuln/detail/CVE-2009-1100

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-1100

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-1100

EUVD