5
CVE-2009-3884
- EPSS 2.95%
- Veröffentlicht 09.11.2009 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:12:34
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local files via vectors related to handling of zoneinfo (aka tz) files, aka Bug Id 6824265.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.95% | 0.854 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
http://secunia.com/advisories/37386
http://security.gentoo.org/glsa/glsa-200911-02.xml
http://java.sun.com/j2se/1.5.0/ReleaseNotes.html
http://java.sun.com/javase/6/webnotes/6u17.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:084
http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html
http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html
http://secunia.com/advisories/37581
http://support.apple.com/kb/HT3969
http://support.apple.com/kb/HT3970
https://bugzilla.redhat.com/show_bug.cgi?id=530300
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11686
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6960