5
CVE-2009-3876
- EPSS 3.41%
- Veröffentlicht 05.11.2009 16:30:00
- Zuletzt bearbeitet 16.06.2026 23:12:33
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not properly decoded by the ASN.1 DER input stream parser, aka Bug Id 6864911.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.41% | 0.873 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
http://secunia.com/advisories/37386
http://security.gentoo.org/glsa/glsa-200911-02.xml
http://secunia.com/advisories/37841
http://www.redhat.com/support/errata/RHSA-2009-1694.html
http://java.sun.com/javase/6/webnotes/6u17.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:084
http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00010.html
http://secunia.com/advisories/37231
http://secunia.com/advisories/37239
http://www.securityfocus.com/bid/36881
http://www.vupen.com/english/advisories/2009/3131
http://marc.info/?l=bugtraq&m=134254866602253&w=2
http://marc.info/?l=bugtraq&m=126566824131534&w=2
http://marc.info/?l=bugtraq&m=131593453929393&w=2
http://sunsolve.sun.com/search/document.do?assetkey=1-66-270476-1
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10328
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11934
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6805
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8608