CVE-2009-1105
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
25/03/2009
Last modified:
09/04/2025
Description
The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 allows user-assisted remote attackers to cause a trusted applet to run in an older JRE version, which can be used to exploit vulnerabilities in that older version, aka CR 6706490.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:sun:java:*:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133
- http://lists.apple.com/archives/security-announce/2010//May/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html
- http://marc.info/?l=bugtraq&m=124344236532162&w=2
- http://secunia.com/advisories/34496
- http://secunia.com/advisories/35156
- http://secunia.com/advisories/35255
- http://secunia.com/advisories/36185
- http://secunia.com/advisories/37386
- http://secunia.com/advisories/37460
- http://secunia.com/advisories/39819
- http://security.gentoo.org/glsa/glsa-200911-02.xml
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-254611-1
- http://support.apple.com/kb/HT4171
- http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm
- http://www.redhat.com/support/errata/RHSA-2009-0392.html
- http://www.redhat.com/support/errata/RHSA-2009-1038.html
- http://www.securityfocus.com/archive/1/507985/100/0/threaded
- http://www.securityfocus.com/bid/34240
- http://www.securitytracker.com/id?1021920=
- http://www.vmware.com/security/advisories/VMSA-2009-0016.html
- http://www.vupen.com/english/advisories/2009/1426
- http://www.vupen.com/english/advisories/2009/3316
- http://www.vupen.com/english/advisories/2010/1191
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49458
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6642
- https://rhn.redhat.com/errata/RHSA-2009-1198.html
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133
- http://lists.apple.com/archives/security-announce/2010//May/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html
- http://marc.info/?l=bugtraq&m=124344236532162&w=2
- http://secunia.com/advisories/34496
- http://secunia.com/advisories/35156
- http://secunia.com/advisories/35255
- http://secunia.com/advisories/36185
- http://secunia.com/advisories/37386
- http://secunia.com/advisories/37460
- http://secunia.com/advisories/39819
- http://security.gentoo.org/glsa/glsa-200911-02.xml
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-254611-1
- http://support.apple.com/kb/HT4171
- http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm
- http://www.redhat.com/support/errata/RHSA-2009-0392.html
- http://www.redhat.com/support/errata/RHSA-2009-1038.html
- http://www.securityfocus.com/archive/1/507985/100/0/threaded
- http://www.securityfocus.com/bid/34240
- http://www.securitytracker.com/id?1021920=
- http://www.vmware.com/security/advisories/VMSA-2009-0016.html
- http://www.vupen.com/english/advisories/2009/1426
- http://www.vupen.com/english/advisories/2009/3316
- http://www.vupen.com/english/advisories/2010/1191
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49458
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6642
- https://rhn.redhat.com/errata/RHSA-2009-1198.html