5

CVE-2009-3884

The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local files via vectors related to handling of zoneinfo (aka tz) files, aka Bug Id 6824265.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SunJre Updateupdate_21 Version <= 1.5.0
SunJre Updateupdate_16 Version <= 1.6.0
SunJre Version1.5.0 Updateupdate_1
SunJre Version1.5.0 Updateupdate_11
SunJre Version1.5.0 Updateupdate_12
SunJre Version1.5.0 Updateupdate_13
SunJre Version1.5.0 Updateupdate_14
SunJre Version1.5.0 Updateupdate_15
SunJre Version1.5.0 Updateupdate_16
SunJre Version1.5.0 Updateupdate_17
SunJre Version1.5.0 Updateupdate_18
SunJre Version1.5.0 Updateupdate_19
SunJre Version1.5.0 Updateupdate_2
SunJre Version1.5.0 Updateupdate_20
SunJre Version1.5.0 Updateupdate_3
SunJre Version1.5.0 Updateupdate_4
SunJre Version1.5.0 Updateupdate_5
SunJre Version1.5.0 Updateupdate_6
SunJre Version1.5.0 Updateupdate_7
SunJre Version1.5.0 Updateupdate_8
SunJre Version1.5.0 Updateupdate_9
SunJre Version1.5.0 Updateupdate10
SunJre Version1.6.0 Updateupdate_1
SunJre Version1.6.0 Updateupdate_10
SunJre Version1.6.0 Updateupdate_11
SunJre Version1.6.0 Updateupdate_12
SunJre Version1.6.0 Updateupdate_13
SunJre Version1.6.0 Updateupdate_14
SunJre Version1.6.0 Updateupdate_15
SunJre Version1.6.0 Updateupdate_2
SunJre Version1.6.0 Updateupdate_3
SunJre Version1.6.0 Updateupdate_4
SunJre Version1.6.0 Updateupdate_5
SunJre Version1.6.0 Updateupdate_6
SunJre Version1.6.0 Updateupdate_7
SunJre Version1.6.0 Updateupdate_8
SunJre Version1.6.0 Updateupdate_9
SunOpenjdk
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.95% 0.854
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/37386
http://security.gentoo.org/glsa/glsa-200911-02.xml
http://java.sun.com/j2se/1.5.0/ReleaseNotes.html
Vendor Advisory
http://java.sun.com/javase/6/webnotes/6u17.html
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2010:084
http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html
http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html
http://secunia.com/advisories/37581
http://support.apple.com/kb/HT3969
http://support.apple.com/kb/HT3970
https://bugzilla.redhat.com/show_bug.cgi?id=530300
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11686
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6960