PT-2009-6097 · Sun+2 · Sun Java Se+2

Published

2009-11-05

Updated

2018-10-30

CVE-2009-3872

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Sun Java SE versions 5.0 before Update 22 Sun Java SE versions 6 before Update 17 Sun Java SE SDK and JRE 1.3.x before 1.3.1 27 Sun Java SE SDK and JRE 1.4.x before 1.4.2 24

Description The issue allows remote attackers to gain privileges via a crafted image file. This is related to an unspecified vulnerability in the JPEG JFIF Decoder.

Recommendations For Sun Java SE versions 5.0 before Update 22, update to Update 22 or later. For Sun Java SE versions 6 before Update 17, update to Update 17 or later. For Sun Java SE SDK and JRE 1.3.x before 1.3.1 27, update to 1.3.1 27 or later. For Sun Java SE SDK and JRE 1.4.x before 1.4.2 24, update to 1.4.2 24 or later.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2009-3872

HPSBUX02503

RHSA-2009:1551

RHSA-2009:1560

RHSA-2009:1643

RHSA-2009:1647

RHSA-2009:1694

RHSA-2010:0043

Affected Products

Hp-Ux

Java Platform

Sun Java Se

PT-2009-6097 · Sun+2 · Sun Java Se+2

CVE-2009-3872

Related Identifiers

Affected Products

References · 39