7.5
CVE-2009-3864
- EPSS 22.48%
- Veröffentlicht 05.11.2009 16:30:00
- Zuletzt bearbeitet 16.06.2026 23:12:30
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The Java Update functionality in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22 and JDK and JRE 6 before Update 17, when a non-English version of Windows is used, does not retrieve available new JRE versions, which allows remote attackers to leverage vulnerabilities in older releases of this software, aka Bug Id 6869694.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 22.48% | 0.974 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://java.sun.com/javase/6/webnotes/6u17.html
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00010.html
http://secunia.com/advisories/37231
http://secunia.com/advisories/37239
http://sunsolve.sun.com/search/document.do?assetkey=1-66-269868-1
http://www.securityfocus.com/bid/36881
http://www.vupen.com/english/advisories/2009/3131
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6753