Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2009-3883 (GCVE-0-2009-3883)
Vulnerability from cvelistv5 – Published: 2009-11-09 19:00 – Updated: 2024-08-07 06:45
VLAI?
EPSS
Summary
Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL&F) feature in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to "information leaks in mutable variables," aka Bug Id 6657138.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:45:50.514Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200911-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "oval:org.mitre.oval:def:10191",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10191"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530175"
},
{
"name": "oval:org.mitre.oval:def:6968",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6968"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://java.sun.com/javase/6/webnotes/6u17.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
},
{
"name": "MDVSA-2010:084",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
},
{
"name": "37386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37386"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-11-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL\u0026F) feature in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to \"information leaks in mutable variables,\" aka Bug Id 6657138."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "GLSA-200911-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "oval:org.mitre.oval:def:10191",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10191"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530175"
},
{
"name": "oval:org.mitre.oval:def:6968",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6968"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://java.sun.com/javase/6/webnotes/6u17.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
},
{
"name": "MDVSA-2010:084",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
},
{
"name": "37386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37386"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-3883",
"datePublished": "2009-11-09T19:00:00.000Z",
"dateReserved": "2009-11-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:45:50.514Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CERTA-2010-AVI-043
Vulnerability from certfr_avis - Published: 2010-02-02 - Updated: 2010-02-02
De multiples vulnérabilités dans les produits VMware permettent, entre autre, l'exécution de code arbitraire à distance.
Description
De multiples vulnérabilités dans les produits VMware permettent, entre autre, l'exécution de code arbitraire à distance. Ces vulnérabilités impactent plus spécifiquement la couche logicielle Java JRE utilisée par certains produits VMware.
Il est à noter que des correctifs ne sont pour l'instant pas disponibles pour toutes les plaformes impactées.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Server 2.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VirtualCenter 2.0.2 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "ESX 3.0.3 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "ESX 3.5 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VirtualCenter 2.5 ant\u00e9rieur \u00e0 Update 6 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "vMA 4.0.",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "ESX 4.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "vCenter 4.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s dans les produits VMware permettent, entre\nautre, l\u0027ex\u00e9cution de code arbitraire \u00e0 distance. Ces vuln\u00e9rabilit\u00e9s\nimpactent plus sp\u00e9cifiquement la couche logicielle Java JRE utilis\u00e9e par\ncertains produits VMware.\n\nIl est \u00e0 noter que des correctifs ne sont pour l\u0027instant pas disponibles\npour toutes les plaformes impact\u00e9es.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2009-3877",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3877"
},
{
"name": "CVE-2009-2724",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2724"
},
{
"name": "CVE-2009-2721",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2721"
},
{
"name": "CVE-2009-1106",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1106"
},
{
"name": "CVE-2009-1104",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1104"
},
{
"name": "CVE-2009-3871",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3871"
},
{
"name": "CVE-2009-1101",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1101"
},
{
"name": "CVE-2009-2673",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2673"
},
{
"name": "CVE-2009-3884",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3884"
},
{
"name": "CVE-2009-2719",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2719"
},
{
"name": "CVE-2009-3867",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3867"
},
{
"name": "CVE-2009-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1094"
},
{
"name": "CVE-2009-3882",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3882"
},
{
"name": "CVE-2009-1095",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1095"
},
{
"name": "CVE-2009-2672",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2672"
},
{
"name": "CVE-2009-2670",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2670"
},
{
"name": "CVE-2009-1102",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1102"
},
{
"name": "CVE-2009-3872",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3872"
},
{
"name": "CVE-2009-2720",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2720"
},
{
"name": "CVE-2009-2671",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2671"
},
{
"name": "CVE-2009-3864",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3864"
},
{
"name": "CVE-2009-2675",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2675"
},
{
"name": "CVE-2009-2625",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2625"
},
{
"name": "CVE-2009-3883",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3883"
},
{
"name": "CVE-2009-3728",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3728"
},
{
"name": "CVE-2009-1099",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1099"
},
{
"name": "CVE-2009-3881",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3881"
},
{
"name": "CVE-2009-3876",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3876"
},
{
"name": "CVE-2009-3885",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3885"
},
{
"name": "CVE-2009-3875",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3875"
},
{
"name": "CVE-2009-2723",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2723"
},
{
"name": "CVE-2009-1107",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1107"
},
{
"name": "CVE-2009-2716",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2716"
},
{
"name": "CVE-2009-3869",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3869"
},
{
"name": "CVE-2009-1105",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1105"
},
{
"name": "CVE-2009-3873",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3873"
},
{
"name": "CVE-2009-2722",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2722"
},
{
"name": "CVE-2009-3886",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3886"
},
{
"name": "CVE-2009-1103",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1103"
},
{
"name": "CVE-2009-3874",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3874"
},
{
"name": "CVE-2009-1100",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1100"
},
{
"name": "CVE-2009-2676",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2676"
},
{
"name": "CVE-2009-3879",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3879"
},
{
"name": "CVE-2009-3729",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3729"
},
{
"name": "CVE-2009-1096",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1096"
},
{
"name": "CVE-2009-1098",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1098"
},
{
"name": "CVE-2009-3868",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3868"
},
{
"name": "CVE-2009-1097",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1097"
},
{
"name": "CVE-2009-3865",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3865"
},
{
"name": "CVE-2009-3880",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3880"
},
{
"name": "CVE-2009-2718",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2718"
},
{
"name": "CVE-2009-3866",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3866"
},
{
"name": "CVE-2009-1093",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1093"
}
],
"initial_release_date": "2010-02-02T00:00:00",
"last_revision_date": "2010-02-02T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2010-0002 du 29 janvier 2010 :",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0002.html"
}
],
"reference": "CERTA-2010-AVI-043",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2010-02-02T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s dans les produits VMware permettent, entre\nautre, l\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2010-0002 du 29 janvier 2010",
"url": null
}
]
}
FKIE_CVE-2009-3883
Vulnerability from fkie_nvd - Published: 2009-11-09 19:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL&F) feature in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to "information leaks in mutable variables," aka Bug Id 6657138.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | openjdk | * | |
| sun | jre | * | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | * | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jdk | * | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | * | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:openjdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E78309B-E13F-4B65-9F59-39A993B900AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jre:*:update21:*:*:*:*:*:*",
"matchCriteriaId": "94610598-AA41-4E03-AE95-8F55C67DA127",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133A7B66-E0B3-4867-A5A4-3C54D6C0C8ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "A7FC09E8-7F30-4FE4-912E-588AA250E2A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "9919D091-73D7-465A-80FF-F37D6CAF9F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "02565D6F-4CB2-4671-A4EF-3169BCFA6154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "452A3E51-9EAC-451D-BA04-A1E7B7D917EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "3E8C6AAC-C90B-4220-A69B-2A886A35CF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "55231B6B-9298-4363-9B5A-14C2DA7B1F50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "E42CF0F7-418C-4BB6-9B73-FA3B9171D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "A5467E9D-07D8-4BEB-84D5-A3136C133519",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "B83B2CE1-45D7-47AD-BC0A-6EC74D5F8F5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "8A32F326-EA92-43CD-930E-E527B60CDD3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "7EA5B9E9-654D-44F7-AE98-3D8B382804AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "04344167-530E-4A4D-90EF-74C684943DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "44051CFE-D15D-4416-A123-F3E49C67A9E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "F296ACF3-1373-429D-B991-8B5BA704A7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "B863420B-DE16-416A-9640-1A1340A9B855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "724C972F-74FE-4044-BBC4-7E0E61FC9002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "EBE909DE-E55A-4BD3-A5BF-ADE407432193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "5DAC04D2-68FD-4793-A8E7-4690A543D7D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jre:*:update16:*:*:*:*:*:*",
"matchCriteriaId": "064E7F92-A69C-47DB-92F7-8EAB02157BF2",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCD143C-057D-4F42-B487-46801E14ACF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "09027C19-D442-446F-B7A8-21DB6787CF43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "7158D2C0-E9AC-4CD6-B777-EA7B7A181997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "90EC6C13-4B37-48E5-8199-A702A944D5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "B6339EF9-97AC-4675-9971-7435A4B31432",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "6D1626F8-26F4-4EC5-A486-98808372425F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "FA1BFE3B-3773-426B-9E69-250249E059C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "46621D4B-CA2B-4EAC-884E-9CC9486F2F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "37FED4C9-7501-4DF3-B05E-0B460CBB2D9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "6958538A-0C2E-460F-A130-70515AFBB6A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "360EF765-0C3A-4A13-9DA3-48928BB978E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "FBE651B3-3320-48E7-BDD5-74D3C609162C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "2F435AA3-B716-4B3B-8873-3646E18CA600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "4773DE1C-50EF-4561-B480-74C6BD64D449",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "BB2B5C85-D6EE-4C0B-9228-A724D6C780C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "60D59062-997B-44F1-95C6-619823F138A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:*:update21:*:*:*:*:*:*",
"matchCriteriaId": "DE530E86-CB96-4720-9C0C-EBBF583AE87E",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A02CF738-1B4F-44D0-A618-3D3E4EF1C9B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "EE8E883F-E13D-4FB0-8C6F-B7628600E8D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "2AADA633-EB11-49A0-8E40-66589034F03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "19DC29C5-1B9F-46DF-ACF6-3FF93E45777D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "B120F7D9-7C1E-4716-B2FA-2990D449F754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "CD61E49F-2A46-4107-BB3F-527079983306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "D900AAE0-6032-4096-AFC2-3D43C55C6C83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "88B0958C-744C-4946-908C-09D2A5FAB120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "C3E7F3CA-FFB3-42B3-A64F-0E38FAF252FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "9A2D8D09-3F18-4E73-81CF-BB589BB8AEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "3FD24779-988F-4EC1-AC19-77186B68229E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "4F1E860E-98F2-48FF-B8B3-54D4B58BF81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "28BE548B-DD0C-4C58-98CA-5B803F04F9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "505A8F40-7758-412F-8895-FA1B00BE6B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5F8E9AA0-8907-4B1A-86A1-08568195217D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "A337AD31-4566-4A4E-AFF3-7EAECD5C90F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "0754AFDC-2F1C-4C06-AB46-457B5E610029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "532CF9DD-0EBB-4B3B-BB9C-A8D78947A790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "DC0ABF7A-107B-4B97-9BD7-7B0CEDAAF359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "A5DA4242-30D9-44C8-9D0D-877348FFA22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "C61C6043-99D0-4F36-AF84-1A5F90B895EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:*:update16:*:*:*:*:*:*",
"matchCriteriaId": "1382DB42-D947-4690-880B-A158C993A495",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "AD30DAEB-4893-41CF-A455-B69C463B9337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "FE5F6E90-A942-4468-B763-9606CE073A9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "B0ADF941-5E90-498D-A2E2-7DBCF5358D64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "0819F015-FF7B-4C8F-B195-4CB54070BAE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "B5CB2234-B196-4F41-9FE9-A1896A57E575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "572A693C-1EEE-4A6C-BA42-B4FB4B28D0FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "7A59AF0A-5335-4650-88DB-5B261FE5E308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "A819CA7F-6AA9-4CB0-8577-7F8C751825DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "374CA7F2-A5CE-43A3-8317-EEC605127B98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "0FF2748E-1A9A-4988-91B7-A3A8D2B06CB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "E2868B56-7CFA-4E49-9EDC-8A5E4F9D4861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "8CCADCB6-E972-429E-AAA6-44857094AF9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "A86AD5C2-32D1-4C85-A643-A7FF7F46B4C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "F79C6897-18C1-43CF-AA05-C73AD57F01FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL\u0026F) feature in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to \"information leaks in mutable variables,\" aka Bug Id 6657138."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en la funcionalidad Windows Pluggable Look and Feel (PL\u0026F) de la implementaci\u00f3n de Swing en Sun Java SE 5.0 antes de Update 22, Sun Java SE 6.0 antes de la actualizaci\u00f3n 17, y OpenJDK, tienen un impacto desconocido y vectores de ataque remotos, relacionados con \"fugas de informaci\u00f3n en variables mutables\". Se trata del Bug ID 6657138."
}
],
"id": "CVE-2009-3883",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-11-09T19:30:00.547",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://java.sun.com/javase/6/webnotes/6u17.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37386"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530175"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10191"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6968"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://java.sun.com/javase/6/webnotes/6u17.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6968"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-J4H5-R7CJ-3JWC
Vulnerability from github – Published: 2022-05-02 03:49 – Updated: 2022-05-02 03:49
VLAI?
Details
Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL&F) feature in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to "information leaks in mutable variables," aka Bug Id 6657138.
{
"affected": [],
"aliases": [
"CVE-2009-3883"
],
"database_specific": {
"cwe_ids": [
"CWE-200"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2009-11-09T19:30:00Z",
"severity": "HIGH"
},
"details": "Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL\u0026F) feature in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to \"information leaks in mutable variables,\" aka Bug Id 6657138.",
"id": "GHSA-j4h5-r7cj-3jwc",
"modified": "2022-05-02T03:49:22Z",
"published": "2022-05-02T03:49:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3883"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530175"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10191"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6968"
},
{
"type": "WEB",
"url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
},
{
"type": "WEB",
"url": "http://java.sun.com/javase/6/webnotes/6u17.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/37386"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2009-3883
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL&F) feature in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to "information leaks in mutable variables," aka Bug Id 6657138.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2009-3883",
"description": "Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL\u0026F) feature in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to \"information leaks in mutable variables,\" aka Bug Id 6657138.",
"id": "GSD-2009-3883",
"references": [
"https://www.suse.com/security/cve/CVE-2009-3883.html",
"https://access.redhat.com/errata/RHSA-2009:1662",
"https://access.redhat.com/errata/RHSA-2009:1584",
"https://access.redhat.com/errata/RHSA-2009:1571",
"https://access.redhat.com/errata/RHSA-2009:1560",
"https://linux.oracle.com/cve/CVE-2009-3883.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2009-3883"
],
"details": "Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL\u0026F) feature in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to \"information leaks in mutable variables,\" aka Bug Id 6657138.",
"id": "GSD-2009-3883",
"modified": "2023-12-13T01:19:49.770519Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-3883",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL\u0026F) feature in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to \"information leaks in mutable variables,\" aka Bug Id 6657138."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html",
"refsource": "MISC",
"url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
},
{
"name": "http://java.sun.com/javase/6/webnotes/6u17.html",
"refsource": "MISC",
"url": "http://java.sun.com/javase/6/webnotes/6u17.html"
},
{
"name": "http://secunia.com/advisories/37386",
"refsource": "MISC",
"url": "http://secunia.com/advisories/37386"
},
{
"name": "http://security.gentoo.org/glsa/glsa-200911-02.xml",
"refsource": "MISC",
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084",
"refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
},
{
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10191",
"refsource": "MISC",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10191"
},
{
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6968",
"refsource": "MISC",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6968"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=530175",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530175"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sun:openjdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:*:update21:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update11:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:*:update16:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update13:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update14:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:*:update21:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.5.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update11:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update13:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update14:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:*:update16:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.6.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-3883"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL\u0026F) feature in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to \"information leaks in mutable variables,\" aka Bug Id 6657138."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=530175",
"refsource": "CONFIRM",
"tags": [],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530175"
},
{
"name": "http://java.sun.com/javase/6/webnotes/6u17.html",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://java.sun.com/javase/6/webnotes/6u17.html"
},
{
"name": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
},
{
"name": "GLSA-200911-02",
"refsource": "GENTOO",
"tags": [],
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "37386",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37386"
},
{
"name": "MDVSA-2010:084",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
},
{
"name": "oval:org.mitre.oval:def:6968",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6968"
},
{
"name": "oval:org.mitre.oval:def:10191",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10191"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": true,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2018-10-30T16:26Z",
"publishedDate": "2009-11-09T19:30Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…