Vulnerability Details CVE-2009-1103
Unspecified vulnerability in the Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors related to "deserializing applets," aka CR 6646860.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.037
EPSS Ranking 87.2%
CVSS Severity
CVSS v2 Score 6.4
References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133
- http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html
- http://marc.info/?l=bugtraq&m=124344236532162&w=2
- http://secunia.com/advisories/34495
- http://secunia.com/advisories/34496
- http://secunia.com/advisories/35156
- http://secunia.com/advisories/35255
- http://secunia.com/advisories/35416
- http://secunia.com/advisories/36185
- http://secunia.com/advisories/37386
- http://secunia.com/advisories/37460
- http://security.gentoo.org/glsa/glsa-200911-02.xml
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-254611-1
- http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm
- http://support.avaya.com/elmodocs2/security/ASA-2009-109.htm
- http://www.redhat.com/support/errata/RHSA-2009-0392.html
- http://www.redhat.com/support/errata/RHSA-2009-0394.html
- http://www.redhat.com/support/errata/RHSA-2009-1038.html
- http://www.securityfocus.com/archive/1/507985/100/0/threaded
- http://www.securityfocus.com/bid/34240
- http://www.securitytracker.com/id?1021920
- http://www.vmware.com/security/advisories/VMSA-2009-0016.html
- http://www.vupen.com/english/advisories/2009/1426
- http://www.vupen.com/english/advisories/2009/3316
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49456
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6542
- https://rhn.redhat.com/errata/RHSA-2009-1198.html
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133
- http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html
- http://marc.info/?l=bugtraq&m=124344236532162&w=2
- http://secunia.com/advisories/34495
- http://secunia.com/advisories/34496
- http://secunia.com/advisories/35156
- http://secunia.com/advisories/35255
- http://secunia.com/advisories/35416
- http://secunia.com/advisories/36185
- http://secunia.com/advisories/37386
- http://secunia.com/advisories/37460
- http://security.gentoo.org/glsa/glsa-200911-02.xml
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-254611-1
- http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm
- http://support.avaya.com/elmodocs2/security/ASA-2009-109.htm
- http://www.redhat.com/support/errata/RHSA-2009-0392.html
- http://www.redhat.com/support/errata/RHSA-2009-0394.html
- http://www.redhat.com/support/errata/RHSA-2009-1038.html
- http://www.securityfocus.com/archive/1/507985/100/0/threaded
- http://www.securityfocus.com/bid/34240
- http://www.securitytracker.com/id?1021920
- http://www.vmware.com/security/advisories/VMSA-2009-0016.html
- http://www.vupen.com/english/advisories/2009/1426
- http://www.vupen.com/english/advisories/2009/3316
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49456
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6542
- https://rhn.redhat.com/errata/RHSA-2009-1198.html