RHSA-2009:1560
Vulnerability from csaf_redhat
Published
2009-11-09 15:04
Modified
2024-11-14 10:47
Summary
Red Hat Security Advisory: java-1.6.0-sun security update
Notes
Topic
Updated java-1.6.0-sun packages that correct several security issues are
now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and
the Sun Java 6 Software Development Kit.
This update fixes several vulnerabilities in the Sun Java 6 Runtime
Environment and the Sun Java 6 Software Development Kit. These
vulnerabilities are summarized on the "Advance notification of Security
Updates for Java SE" page from Sun Microsystems, listed in the References
section. (CVE-2009-2409, CVE-2009-3728, CVE-2009-3729, CVE-2009-3865,
CVE-2009-3866, CVE-2009-3867, CVE-2009-3868, CVE-2009-3869, CVE-2009-3871,
CVE-2009-3872, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876,
CVE-2009-3877, CVE-2009-3879, CVE-2009-3880, CVE-2009-3881, CVE-2009-3882,
CVE-2009-3883, CVE-2009-3884, CVE-2009-3886)
Users of java-1.6.0-sun should upgrade to these updated packages, which
correct these issues. All running instances of Sun Java must be restarted
for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated java-1.6.0-sun packages that correct several security issues are\nnow available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and\nthe Sun Java 6 Software Development Kit.\n\nThis update fixes several vulnerabilities in the Sun Java 6 Runtime\nEnvironment and the Sun Java 6 Software Development Kit. These\nvulnerabilities are summarized on the \"Advance notification of Security\nUpdates for Java SE\" page from Sun Microsystems, listed in the References\nsection. (CVE-2009-2409, CVE-2009-3728, CVE-2009-3729, CVE-2009-3865,\nCVE-2009-3866, CVE-2009-3867, CVE-2009-3868, CVE-2009-3869, CVE-2009-3871,\nCVE-2009-3872, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876,\nCVE-2009-3877, CVE-2009-3879, CVE-2009-3880, CVE-2009-3881, CVE-2009-3882,\nCVE-2009-3883, CVE-2009-3884, CVE-2009-3886)\n\nUsers of java-1.6.0-sun should upgrade to these updated packages, which\ncorrect these issues. All running instances of Sun Java must be restarted\nfor the update to take effect.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2009:1560", url: "https://access.redhat.com/errata/RHSA-2009:1560", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#critical", url: "https://access.redhat.com/security/updates/classification/#critical", }, { category: "external", summary: "http://blogs.sun.com/security/entry/advance_notification_of_security_updates6", url: "http://blogs.sun.com/security/entry/advance_notification_of_security_updates6", }, { category: "external", summary: "510197", url: "https://bugzilla.redhat.com/show_bug.cgi?id=510197", }, { category: "external", summary: "530053", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530053", }, { category: "external", summary: "530057", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530057", }, { category: "external", summary: "530061", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530061", }, { category: "external", summary: "530062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530062", }, { category: "external", summary: "530063", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530063", }, { category: "external", summary: "530067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530067", }, { category: "external", summary: "530098", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530098", }, { category: "external", summary: "530173", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530173", }, { category: "external", summary: "530175", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530175", }, { category: "external", summary: "530296", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530296", }, { category: "external", summary: "530297", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530297", }, { category: "external", summary: "530300", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530300", }, { category: "external", summary: "532904", url: "https://bugzilla.redhat.com/show_bug.cgi?id=532904", }, { category: "external", summary: "532906", url: "https://bugzilla.redhat.com/show_bug.cgi?id=532906", }, { category: "external", summary: "532914", url: "https://bugzilla.redhat.com/show_bug.cgi?id=532914", }, { category: "external", summary: "533211", url: "https://bugzilla.redhat.com/show_bug.cgi?id=533211", }, { category: "external", summary: "533212", url: "https://bugzilla.redhat.com/show_bug.cgi?id=533212", }, { category: "external", summary: "533214", url: "https://bugzilla.redhat.com/show_bug.cgi?id=533214", }, { category: "external", summary: "533215", url: "https://bugzilla.redhat.com/show_bug.cgi?id=533215", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1560.json", }, ], title: "Red Hat Security Advisory: java-1.6.0-sun security update", tracking: { current_release_date: "2024-11-14T10:47:06+00:00", generator: { date: "2024-11-14T10:47:06+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.0", }, }, id: "RHSA-2009:1560", initial_release_date: "2009-11-09T15:04:00+00:00", revision_history: [ { date: "2009-11-09T15:04:00+00:00", number: "1", summary: "Initial version", }, { date: "2009-11-09T10:04:13+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-14T10:47:06+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AS version 4 Extras", product: { name: "Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_extras:4", }, }, }, { category: "product_name", name: "Red Hat Desktop version 4 Extras", product: { name: "Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_extras:4", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES version 4 Extras", product: { name: "Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_extras:4", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux WS version 4 Extras", product: { name: "Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_extras:4", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product: { name: "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_extras:5::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Supplementary (v. 5)", product: { name: "Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_extras:5::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux Supplementary", }, { branches: [ { category: "product_version", name: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", product: { name: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", product_id: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.17-1jpp.1.el4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", product: { name: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", product_id: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.17-1jpp.1.el4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", product: { name: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", product_id: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.17-1jpp.1.el4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", product: { name: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", product_id: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.17-1jpp.1.el4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", product: { name: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", product_id: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.17-1jpp.1.el4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", product: { name: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", product_id: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.17-1jpp.1.el4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", product: { name: "java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", product_id: "java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.17-1jpp.2.el5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", product: { name: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", product_id: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.17-1jpp.2.el5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", product: { name: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", product_id: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.17-1jpp.2.el5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", product: { name: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", product_id: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.17-1jpp.2.el5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", product: { name: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", product_id: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.17-1jpp.2.el5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", product: { name: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", product_id: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.17-1jpp.2.el5?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", product: { name: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", product_id: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.17-1jpp.1.el4?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", product: { name: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", product_id: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.17-1jpp.1.el4?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", product: { name: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", product_id: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.17-1jpp.1.el4?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", product: { name: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", product_id: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.17-1jpp.1.el4?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", product: { name: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", product_id: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.17-1jpp.1.el4?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", product: { name: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", product_id: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.17-1jpp.1.el4?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", product: { name: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", product_id: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.17-1jpp.2.el5?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", product: { name: "java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", product_id: "java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.17-1jpp.2.el5?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", product: { name: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", product_id: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.17-1jpp.2.el5?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", product: { name: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", product_id: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.17-1jpp.2.el5?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", product: { name: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", product_id: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.17-1jpp.2.el5?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", product: { name: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", product_id: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.17-1jpp.2.el5?arch=i586&epoch=1", }, }, }, ], category: "architecture", name: "i586", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", }, product_reference: "java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", }, product_reference: "java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", }, product_reference: "java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", }, product_reference: "java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", relates_to_product_reference: "5Server-Supplementary", }, ], }, vulnerabilities: [ { cve: "CVE-2009-2409", discovery_date: "2009-02-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "510197", }, ], notes: [ { category: "description", text: "The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large.", title: "Vulnerability description", }, { category: "summary", text: "deprecate MD2 in SSL cert validation (Kaminsky)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2409", }, { category: "external", summary: "RHBZ#510197", url: "https://bugzilla.redhat.com/show_bug.cgi?id=510197", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2409", url: "https://www.cve.org/CVERecord?id=CVE-2009-2409", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2409", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2409", }, ], release_date: "2009-07-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.6, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "deprecate MD2 in SSL cert validation (Kaminsky)", }, { cve: "CVE-2009-3728", discovery_date: "2009-10-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "530098", }, ], notes: [ { category: "description", text: "Directory traversal vulnerability in the ICC_Profile.getInstance method in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local International Color Consortium (ICC) profile files via a .. (dot dot) in a pathname, aka Bug Id 6631533.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK ICC_Profile file existence detection information leak (6631533)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3728", }, { category: "external", summary: "RHBZ#530098", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530098", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3728", url: "https://www.cve.org/CVERecord?id=CVE-2009-3728", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3728", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3728", }, ], release_date: "2009-11-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "OpenJDK ICC_Profile file existence detection information leak (6631533)", }, { cve: "CVE-2009-3729", discovery_date: "2009-11-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "532904", }, ], notes: [ { category: "description", text: "Unspecified vulnerability in the TrueType font parsing functionality in Sun Java SE 5.0 before Update 22 and 6 before Update 17 allows remote attackers to cause a denial of service (application crash) via a certain test suite, aka Bug Id 6815780.", title: "Vulnerability description", }, { category: "summary", text: "JRE TrueType font parsing crash (6815780)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3729", }, { category: "external", summary: "RHBZ#532904", url: "https://bugzilla.redhat.com/show_bug.cgi?id=532904", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3729", url: "https://www.cve.org/CVERecord?id=CVE-2009-3729", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3729", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3729", }, ], release_date: "2009-11-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "JRE TrueType font parsing crash (6815780)", }, { cve: "CVE-2009-3865", discovery_date: "2009-11-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "533211", }, ], notes: [ { category: "description", text: "The launch method in the Deployment Toolkit plugin in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 6 before Update 17 allows remote attackers to execute arbitrary commands via a crafted web page, aka Bug Id 6869752.", title: "Vulnerability description", }, { category: "summary", text: "java-1.6.0-sun: ACE in JRE Deployment Toolkit (6869752)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3865", }, { category: "external", summary: "RHBZ#533211", url: "https://bugzilla.redhat.com/show_bug.cgi?id=533211", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3865", url: "https://www.cve.org/CVERecord?id=CVE-2009-3865", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3865", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3865", }, ], release_date: "2009-11-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "java-1.6.0-sun: ACE in JRE Deployment Toolkit (6869752)", }, { cve: "CVE-2009-3866", discovery_date: "2009-11-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "533212", }, ], notes: [ { category: "description", text: "The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Update 17 does not properly use security model permissions when removing installer extensions, which allows remote attackers to execute arbitrary code by modifying a certain JNLP file to have a URL field that points to an unintended trusted application, aka Bug Id 6872824.", title: "Vulnerability description", }, { category: "summary", text: "java-1.6.0-sun: Privilege escalation in the Java Web Start Installer (6872824)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3866", }, { category: "external", summary: "RHBZ#533212", url: "https://bugzilla.redhat.com/show_bug.cgi?id=533212", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3866", url: "https://www.cve.org/CVERecord?id=CVE-2009-3866", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3866", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3866", }, ], release_date: "2009-11-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "java-1.6.0-sun: Privilege escalation in the Java Web Start Installer (6872824)", }, { cve: "CVE-2009-3867", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2009-11-05T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "533214", }, ], notes: [ { category: "description", text: "Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303.", title: "Vulnerability description", }, { category: "summary", text: "java-1.6.0-sun: Stack-based buffer overflow via a long file: URL argument (6854303)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3867", }, { category: "external", summary: "RHBZ#533214", url: "https://bugzilla.redhat.com/show_bug.cgi?id=533214", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3867", url: "https://www.cve.org/CVERecord?id=CVE-2009-3867", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3867", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3867", }, ], release_date: "2009-11-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "java-1.6.0-sun: Stack-based buffer overflow via a long file: URL argument (6854303)", }, { cve: "CVE-2009-3868", discovery_date: "2009-11-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "533215", }, ], notes: [ { category: "description", text: "Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970.", title: "Vulnerability description", }, { category: "summary", text: "java-1.6.0-sun: Privilege escalation via crafted image file due improper color profiles parsing (6862970)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3868", }, { category: "external", summary: "RHBZ#533215", url: "https://bugzilla.redhat.com/show_bug.cgi?id=533215", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3868", url: "https://www.cve.org/CVERecord?id=CVE-2009-3868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3868", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3868", }, ], release_date: "2009-11-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "java-1.6.0-sun: Privilege escalation via crafted image file due improper color profiles parsing (6862970)", }, { cve: "CVE-2009-3869", discovery_date: "2009-10-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "530062", }, ], notes: [ { category: "description", text: "Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK JRE AWT setDifflCM stack overflow (6872357)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3869", }, { category: "external", summary: "RHBZ#530062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530062", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3869", url: "https://www.cve.org/CVERecord?id=CVE-2009-3869", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3869", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3869", }, ], release_date: "2009-11-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK JRE AWT setDifflCM stack overflow (6872357)", }, { cve: "CVE-2009-3871", discovery_date: "2009-10-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "530063", }, ], notes: [ { category: "description", text: "Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK JRE AWT setBytePixels heap overflow (6872358)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3871", }, { category: "external", summary: "RHBZ#530063", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530063", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3871", url: "https://www.cve.org/CVERecord?id=CVE-2009-3871", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3871", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3871", }, ], release_date: "2009-11-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK JRE AWT setBytePixels heap overflow (6872358)", }, { cve: "CVE-2009-3872", discovery_date: "2009-11-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "532906", }, ], notes: [ { category: "description", text: "Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969.", title: "Vulnerability description", }, { category: "summary", text: "JRE JPEG JFIF Decoder issue (6862969)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3872", }, { category: "external", summary: "RHBZ#532906", url: "https://bugzilla.redhat.com/show_bug.cgi?id=532906", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3872", url: "https://www.cve.org/CVERecord?id=CVE-2009-3872", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3872", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3872", }, ], release_date: "2009-11-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "JRE JPEG JFIF Decoder issue (6862969)", }, { cve: "CVE-2009-3873", discovery_date: "2009-10-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "530053", }, ], notes: [ { category: "description", text: "The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a \"quantization problem,\" aka Bug Id 6862968.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK JPEG Image Writer quantization problem (6862968)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3873", }, { category: "external", summary: "RHBZ#530053", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530053", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3873", url: "https://www.cve.org/CVERecord?id=CVE-2009-3873", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3873", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3873", }, ], release_date: "2009-11-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK JPEG Image Writer quantization problem (6862968)", }, { cve: "CVE-2009-3874", discovery_date: "2009-10-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "530067", }, ], notes: [ { category: "description", text: "Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK ImageI/O JPEG heap overflow (6874643)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3874", }, { category: "external", summary: "RHBZ#530067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530067", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3874", url: "https://www.cve.org/CVERecord?id=CVE-2009-3874", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3874", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3874", }, ], release_date: "2009-11-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK ImageI/O JPEG heap overflow (6874643)", }, { cve: "CVE-2009-3875", discovery_date: "2009-10-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "530057", }, ], notes: [ { category: "description", text: "The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to spoof HMAC-based digital signatures, and possibly bypass authentication, via unspecified vectors related to \"timing attack vulnerabilities,\" aka Bug Id 6863503.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK MessageDigest.isEqual introduces timing attack vulnerabilities (6863503)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3875", }, { category: "external", summary: "RHBZ#530057", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530057", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3875", url: "https://www.cve.org/CVERecord?id=CVE-2009-3875", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3875", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3875", }, ], release_date: "2009-11-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "OpenJDK MessageDigest.isEqual introduces timing attack vulnerabilities (6863503)", }, { cve: "CVE-2009-3876", discovery_date: "2009-10-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "530061", }, ], notes: [ { category: "description", text: "Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not properly decoded by the ASN.1 DER input stream parser, aka Bug Id 6864911.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3876", }, { category: "external", summary: "RHBZ#530061", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530061", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3876", url: "https://www.cve.org/CVERecord?id=CVE-2009-3876", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3876", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3876", }, ], release_date: "2009-11-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877", }, { cve: "CVE-2009-3877", discovery_date: "2009-10-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "530061", }, ], notes: [ { category: "description", text: "Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not properly parsed by the ASN.1 DER input stream parser, aka Bug Id 6864911.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3877", }, { category: "external", summary: "RHBZ#530061", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530061", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3877", url: "https://www.cve.org/CVERecord?id=CVE-2009-3877", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3877", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3877", }, ], release_date: "2009-11-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877", }, { cve: "CVE-2009-3879", discovery_date: "2009-10-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "530297", }, ], notes: [ { category: "description", text: "Multiple unspecified vulnerabilities in the (1) X11 and (2) Win32GraphicsDevice subsystems in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and attack vectors, related to failure to clone arrays that are returned by the getConfigurations function, aka Bug Id 6822057.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK GraphicsConfiguration information leak(6822057)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3879", }, { category: "external", summary: "RHBZ#530297", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530297", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3879", url: "https://www.cve.org/CVERecord?id=CVE-2009-3879", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3879", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3879", }, ], release_date: "2009-11-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "OpenJDK GraphicsConfiguration information leak(6822057)", }, { cve: "CVE-2009-3880", discovery_date: "2009-10-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "530296", }, ], notes: [ { category: "description", text: "The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not properly restrict the objects that may be sent to loggers, which allows attackers to obtain sensitive information via vectors related to the implementation of Component, KeyboardFocusManager, and DefaultKeyboardFocusManager, aka Bug Id 6664512.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK UI logging information leakage(6664512)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3880", }, { category: "external", summary: "RHBZ#530296", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530296", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3880", url: "https://www.cve.org/CVERecord?id=CVE-2009-3880", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3880", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3880", }, ], release_date: "2009-11-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "OpenJDK UI logging information leakage(6664512)", }, { cve: "CVE-2009-3881", discovery_date: "2009-10-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "530173", }, ], notes: [ { category: "description", text: "Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not prevent the existence of children of a resurrected ClassLoader, which allows remote attackers to gain privileges via unspecified vectors, related to an \"information leak vulnerability,\" aka Bug Id 6636650.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK resurrected classloaders can still have children (6636650)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3881", }, { category: "external", summary: "RHBZ#530173", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530173", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3881", url: "https://www.cve.org/CVERecord?id=CVE-2009-3881", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3881", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3881", }, ], release_date: "2009-11-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK resurrected classloaders can still have children (6636650)", }, { cve: "CVE-2009-3882", discovery_date: "2009-10-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "530175", }, ], notes: [ { category: "description", text: "Multiple unspecified vulnerabilities in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to \"information leaks in mutable variables,\" aka Bug Id 6657026.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK information leaks in mutable variables (6657026,6657138)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3882", }, { category: "external", summary: "RHBZ#530175", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530175", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3882", url: "https://www.cve.org/CVERecord?id=CVE-2009-3882", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3882", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3882", }, ], release_date: "2009-11-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "OpenJDK information leaks in mutable variables (6657026,6657138)", }, { cve: "CVE-2009-3883", discovery_date: "2009-10-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "530175", }, ], notes: [ { category: "description", text: "Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL&F) feature in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to \"information leaks in mutable variables,\" aka Bug Id 6657138.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK information leaks in mutable variables (6657026,6657138)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3883", }, { category: "external", summary: "RHBZ#530175", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530175", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3883", url: "https://www.cve.org/CVERecord?id=CVE-2009-3883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3883", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3883", }, ], release_date: "2009-11-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "OpenJDK information leaks in mutable variables (6657026,6657138)", }, { cve: "CVE-2009-3884", discovery_date: "2009-10-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "530300", }, ], notes: [ { category: "description", text: "The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local files via vectors related to handling of zoneinfo (aka tz) files, aka Bug Id 6824265.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK zoneinfo file existence information leak (6824265)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3884", }, { category: "external", summary: "RHBZ#530300", url: "https://bugzilla.redhat.com/show_bug.cgi?id=530300", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3884", url: "https://www.cve.org/CVERecord?id=CVE-2009-3884", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3884", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3884", }, ], release_date: "2009-11-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "OpenJDK zoneinfo file existence information leak (6824265)", }, { cve: "CVE-2009-3886", discovery_date: "2009-11-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "532914", }, ], notes: [ { category: "description", text: "The Java Web Start implementation in Sun Java SE 6 before Update 17 does not properly handle the interaction between a signed JAR file and a JNLP (1) application or (2) applet, which has unspecified impact and attack vectors, related to a \"regression,\" aka Bug Id 6870531.", title: "Vulnerability description", }, { category: "summary", text: "REGRESSION: have problem to run JNLP app and applets with signed Jar files (6870531)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3886", }, { category: "external", summary: "RHBZ#532914", url: "https://bugzilla.redhat.com/show_bug.cgi?id=532914", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3886", url: "https://www.cve.org/CVERecord?id=CVE-2009-3886", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3886", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3886", }, ], release_date: "2009-11-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-11-09T15:04:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:1560", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.17-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.17-1jpp.2.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.17-1jpp.2.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "REGRESSION: have problem to run JNLP app and applets with signed Jar files (6870531)", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.