Vulnerabilidad en Java SE Development Kit (JDK) y Java Runtime Environment (JRE) (CVE-2009-1105)
Gravedad CVSS v2.0:
ALTA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
25/03/2009
Última modificación:
09/04/2025
Descripción
El plug-in en Java SE Development Kit (JDK) y Java Runtime Environment (JRE) v6 Update 12, 11 y 10 permite a atacantes remotos asistidos por usuarios locales, provocar una que un applet de confianza ejecutarse en una versión del JRE antigua, lo que puede ser utilizado para explotar vulnerabilidades en esa versión antigua, también conocido como CR 6706490.
Impacto
Puntuación base 2.0
7.50
Gravedad 2.0
ALTA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:a:sun:java:*:*:*:*:*:*:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página
Referencias a soluciones, herramientas e información
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133
- http://lists.apple.com/archives/security-announce/2010//May/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html
- http://marc.info/?l=bugtraq&m=124344236532162&w=2
- http://secunia.com/advisories/34496
- http://secunia.com/advisories/35156
- http://secunia.com/advisories/35255
- http://secunia.com/advisories/36185
- http://secunia.com/advisories/37386
- http://secunia.com/advisories/37460
- http://secunia.com/advisories/39819
- http://security.gentoo.org/glsa/glsa-200911-02.xml
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-254611-1
- http://support.apple.com/kb/HT4171
- http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm
- http://www.redhat.com/support/errata/RHSA-2009-0392.html
- http://www.redhat.com/support/errata/RHSA-2009-1038.html
- http://www.securityfocus.com/archive/1/507985/100/0/threaded
- http://www.securityfocus.com/bid/34240
- http://www.securitytracker.com/id?1021920=
- http://www.vmware.com/security/advisories/VMSA-2009-0016.html
- http://www.vupen.com/english/advisories/2009/1426
- http://www.vupen.com/english/advisories/2009/3316
- http://www.vupen.com/english/advisories/2010/1191
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49458
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6642
- https://rhn.redhat.com/errata/RHSA-2009-1198.html
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133
- http://lists.apple.com/archives/security-announce/2010//May/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html
- http://marc.info/?l=bugtraq&m=124344236532162&w=2
- http://secunia.com/advisories/34496
- http://secunia.com/advisories/35156
- http://secunia.com/advisories/35255
- http://secunia.com/advisories/36185
- http://secunia.com/advisories/37386
- http://secunia.com/advisories/37460
- http://secunia.com/advisories/39819
- http://security.gentoo.org/glsa/glsa-200911-02.xml
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-254611-1
- http://support.apple.com/kb/HT4171
- http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm
- http://www.redhat.com/support/errata/RHSA-2009-0392.html
- http://www.redhat.com/support/errata/RHSA-2009-1038.html
- http://www.securityfocus.com/archive/1/507985/100/0/threaded
- http://www.securityfocus.com/bid/34240
- http://www.securitytracker.com/id?1021920=
- http://www.vmware.com/security/advisories/VMSA-2009-0016.html
- http://www.vupen.com/english/advisories/2009/1426
- http://www.vupen.com/english/advisories/2009/3316
- http://www.vupen.com/english/advisories/2010/1191
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49458
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6642
- https://rhn.redhat.com/errata/RHSA-2009-1198.html