Vulnerability Details CVE-2009-3882
Multiple unspecified vulnerabilities in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to "information leaks in mutable variables," aka Bug Id 6657026.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.7%
CVSS Severity
CVSS v2 Score 7.5
References
- http://java.sun.com/j2se/1.5.0/ReleaseNotes.html
- http://java.sun.com/javase/6/webnotes/6u17.html
- http://secunia.com/advisories/37386
- http://security.gentoo.org/glsa/glsa-200911-02.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:084
- https://bugzilla.redhat.com/show_bug.cgi?id=530175
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7300
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8841
- http://java.sun.com/j2se/1.5.0/ReleaseNotes.html
- http://java.sun.com/javase/6/webnotes/6u17.html
- http://secunia.com/advisories/37386
- http://security.gentoo.org/glsa/glsa-200911-02.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:084
- https://bugzilla.redhat.com/show_bug.cgi?id=530175
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7300
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8841
Products affected by CVE-2009-3882
-
cpe:2.3:a:sun:jdk:1.5.0
-
cpe:2.3:a:sun:jdk:1.6.0
-
cpe:2.3:a:sun:jre:1.3.1
-
cpe:2.3:a:sun:jre:1.4.2
-
cpe:2.3:a:sun:jre:1.5.0
-
cpe:2.3:a:sun:jre:1.6.0
-
cpe:2.3:a:sun:openjdk:*