PT-2009-6089 · Oracle · Java Runtime Environment+1

Published

2009-11-05

Updated

2018-10-30

CVE-2009-3864

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Java Runtime Environment (JRE) versions 5.0 through 5.0 Update 21 Java Runtime Environment (JRE) versions 6.0 through 6.0 Update 16

Description The Java Update functionality in Java Runtime Environment (JRE) does not retrieve available new JRE versions when a non-English version of Windows is used. This allows remote attackers to leverage vulnerabilities in older releases of this software.

Recommendations For Java Runtime Environment (JRE) versions 5.0 through 5.0 Update 21, update to version 5.0 Update 22 or later. For Java Runtime Environment (JRE) versions 6.0 through 6.0 Update 16, update to version 6.0 Update 17 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2009-3864

Affected Products

Java Platform

Java Runtime Environment

PT-2009-6089 · Oracle · Java Runtime Environment+1

CVE-2009-3864

Related Identifiers

Affected Products

References · 11