CVE-2009-2716
- EPSS 1.29%
- Veröffentlicht 10.08.2009 20:30:00
- Zuletzt bearbeitet 16.06.2026 23:10:05
The plugin functionality in Sun Java SE 6 before Update 15 does not properly implement version selection, which allows context-dependent attackers to leverage vulnerabilities in "old zip and certificate handling" and have unspecified other impact via...
CVE-2009-2717
- EPSS 1.33%
- Veröffentlicht 10.08.2009 20:30:00
- Zuletzt bearbeitet 16.06.2026 23:10:05
The Abstract Window Toolkit (AWT) implementation in Sun Java SE 6 before Update 15 on Windows 2000 Professional does not provide a Security Warning Icon, which makes it easier for context-dependent attackers to trick a user into interacting unsafely ...
CVE-2009-2718
- EPSS 1.72%
- Veröffentlicht 10.08.2009 20:30:00
- Zuletzt bearbeitet 16.06.2026 23:10:05
The Abstract Window Toolkit (AWT) implementation in Sun Java SE 6 before Update 15 on X11 does not impose the intended constraint on distance from the window border to the Security Warning Icon, which makes it easier for context-dependent attackers t...
- EPSS 2.03%
- Veröffentlicht 10.08.2009 20:30:00
- Zuletzt bearbeitet 16.06.2026 23:10:06
The Java Web Start implementation in Sun Java SE 6 before Update 15 allows context-dependent attackers to cause a denial of service (NullPointerException) via a crafted .jnlp file, as demonstrated by the jnlp_file/appletDesc/index.html#misc test in t...
- EPSS 2%
- Veröffentlicht 10.08.2009 20:30:00
- Zuletzt bearbeitet 16.06.2026 23:10:06
Unspecified vulnerability in the javax.swing.plaf.synth.SynthContext.isSubregion method in the Swing implementation in Sun Java SE 6 before Update 15 allows context-dependent attackers to cause a denial of service (NullPointerException in the Jemmy l...
- EPSS 2.45%
- Veröffentlicht 10.08.2009 20:30:00
- Zuletzt bearbeitet 16.06.2026 23:10:06
Multiple unspecified vulnerabilities in the Provider class in Sun Java SE 5.0 before Update 20 have unknown impact and attack vectors, aka BugId 6406003.
- EPSS 2.77%
- Veröffentlicht 10.08.2009 20:30:00
- Zuletzt bearbeitet 16.06.2026 23:10:06
Multiple unspecified vulnerabilities in the Provider class in Sun Java SE 5.0 before Update 20 have unknown impact and attack vectors, aka BugId 6429594. NOTE: this issue exists because of an incorrect fix for BugId 6406003.
- EPSS 2.73%
- Veröffentlicht 10.08.2009 20:30:00
- Zuletzt bearbeitet 16.06.2026 23:10:06
Unspecified vulnerability in deserialization in the Provider class in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, aka BugId 6444262.
CVE-2009-2724
- EPSS 1.58%
- Veröffentlicht 10.08.2009 20:30:00
- Zuletzt bearbeitet 16.06.2026 23:10:06
Race condition in the java.lang package in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, related to a "3Y Race condition in reflection checks."
CVE-2009-2475
- EPSS 2.32%
- Veröffentlicht 10.08.2009 18:30:00
- Zuletzt bearbeitet 16.06.2026 23:09:31
Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to (1) LayoutQue...