FKIE_CVE-2009-2671

Vulnerability from fkie_nvd - Published: 2009-08-05 19:30 - Updated: 2026-04-23 00:35
Severity
Summary
The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors.
References
cve@mitre.orghttp://java.sun.com/j2se/1.5.0/ReleaseNotes.html#150_20
cve@mitre.orghttp://java.sun.com/javase/6/webnotes/6u15.html
cve@mitre.orghttp://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html
cve@mitre.orghttp://marc.info/?l=bugtraq&m=125787273209737&w=2
cve@mitre.orghttp://secunia.com/advisories/36162
cve@mitre.orghttp://secunia.com/advisories/36176
cve@mitre.orghttp://secunia.com/advisories/36180
cve@mitre.orghttp://secunia.com/advisories/36199
cve@mitre.orghttp://secunia.com/advisories/36248
cve@mitre.orghttp://secunia.com/advisories/37300
cve@mitre.orghttp://secunia.com/advisories/37386
cve@mitre.orghttp://secunia.com/advisories/37460
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200911-02.xml
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1Patch
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-66-263409-1Patch, Vendor Advisory
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2009:209
cve@mitre.orghttp://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html
cve@mitre.orghttp://www.securityfocus.com/archive/1/507985/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/35943
cve@mitre.orghttp://www.securitytracker.com/id?1022659
cve@mitre.orghttp://www.us-cert.gov/cas/techalerts/TA09-294A.htmlUS Government Resource
cve@mitre.orghttp://www.vmware.com/security/advisories/VMSA-2009-0016.html
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/2543
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/3316
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/52336
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11115
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8259
cve@mitre.orghttps://rhn.redhat.com/errata/RHSA-2009-1199.html
cve@mitre.orghttps://rhn.redhat.com/errata/RHSA-2009-1200.html
cve@mitre.orghttps://rhn.redhat.com/errata/RHSA-2009-1201.html
cve@mitre.orghttps://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html
cve@mitre.orghttps://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html
af854a3a-2127-422b-91ae-364da2661108http://java.sun.com/j2se/1.5.0/ReleaseNotes.html#150_20
af854a3a-2127-422b-91ae-364da2661108http://java.sun.com/javase/6/webnotes/6u15.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=125787273209737&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/36162
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/36176
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/36180
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/36199
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/36248
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37300
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37386
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37460
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200911-02.xml
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1Patch
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-66-263409-1Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:209
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/507985/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/35943
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022659
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA09-294A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2009-0016.html
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2543
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/3316
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/52336
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11115
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8259
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1199.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1200.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1201.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html
Impacted products
Vendor Product Version
sun jdk *
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 6
sun jdk 6
sun jdk 6
sun jdk 6
sun jdk 6
sun jdk 6
sun jdk 6
sun jdk 6
sun jdk 6
sun jdk 6
sun jdk 6
sun jdk 6
sun jre *
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 6
sun jre 6
sun jre 6
sun jre 6
sun jre 6
sun jre 6
sun jre 6
sun jre 6
sun jre 6
sun jre 6
sun jre 6
sun jre 6
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:jdk:*:update_13:*:*:*:*:*:*",
              "matchCriteriaId": "E6AF4AEB-CB27-4AAB-B4A9-CC65EC831D77",
              "versionEndIncluding": "6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "6BB00A29-FEBB-4139-9E96-691EC1410EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_10:*:*:*:*:*:*",
              "matchCriteriaId": "DD8CC179-F76E-4CC2-9CBD-69CBBA5BD532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_11:*:*:*:*:*:*",
              "matchCriteriaId": "C2DC7389-9697-4EF0-9C4E-153731CDD75D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_12:*:*:*:*:*:*",
              "matchCriteriaId": "C5F476C8-5466-4E6B-B73B-4ACFBB02AD5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_13:*:*:*:*:*:*",
              "matchCriteriaId": "D8C7C8C1-AA0D-4BD9-A8EC-85BBE627DE13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_14:*:*:*:*:*:*",
              "matchCriteriaId": "BAF0844B-ECB1-4AF0-AA32-1B8789AC5042",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_15:*:*:*:*:*:*",
              "matchCriteriaId": "0EFEB813-B20D-4C8B-922D-0603CB93F72A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_16:*:*:*:*:*:*",
              "matchCriteriaId": "41CE5B2D-5594-4026-BABF-CBE485764D8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_17:*:*:*:*:*:*",
              "matchCriteriaId": "DFB84BBA-D93E-4517-BA7A-FCFB860736CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "25322D24-C5D9-43A6-87CC-1BF7FA6A3E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_3:*:*:*:*:*:*",
              "matchCriteriaId": "400FDCDE-16DE-4BD6-81E2-4A5DA12E99CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_4:*:*:*:*:*:*",
              "matchCriteriaId": "82C49C78-ACE3-407D-AE21-EA180633C437",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_5:*:*:*:*:*:*",
              "matchCriteriaId": "5F91F8A2-D473-48DC-81DA-21291DE7B6E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_6:*:*:*:*:*:*",
              "matchCriteriaId": "3E46B3B4-9E1C-4C87-A4CD-C4CE7FBCA7F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_7:*:*:*:*:*:*",
              "matchCriteriaId": "0F69C703-8541-4AA8-A66A-0292E0FCB749",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_8:*:*:*:*:*:*",
              "matchCriteriaId": "99E08AB2-49AD-42C6-967F-773F2C6E188A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_9:*:*:*:*:*:*",
              "matchCriteriaId": "9459F130-A3DD-4A4E-9582-4FB82619EB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "9C9F6EA8-6A88-4485-89A3-0FDF84AB51DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_10:*:*:*:*:*:*",
              "matchCriteriaId": "D7680A8A-EC07-4819-A93C-B8EBF8B1199F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_11:*:*:*:*:*:*",
              "matchCriteriaId": "FA89349B-834C-42D0-84C6-CA73CE1F8B26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_12:*:*:*:*:*:*",
              "matchCriteriaId": "B7865369-9DE6-4C20-ACD2-CCC14ED54701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "67E0818A-3675-4293-89FE-5001E36C0F38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_3:*:*:*:*:*:*",
              "matchCriteriaId": "95112B98-B6B2-43FA-BF76-F518649CF3BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_4:*:*:*:*:*:*",
              "matchCriteriaId": "3A18341A-3688-48E7-95AD-283EC9C95B4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_5:*:*:*:*:*:*",
              "matchCriteriaId": "E301C59A-47F5-4861-9091-D0002CBA5B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_6:*:*:*:*:*:*",
              "matchCriteriaId": "BCD4F889-710C-43C5-85DD-70E96F8FE313",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_7:*:*:*:*:*:*",
              "matchCriteriaId": "ED195051-AAC7-4EE1-B936-18D1C8AD2498",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_8:*:*:*:*:*:*",
              "matchCriteriaId": "44146DF6-F368-4F17-B379-34194873D80F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_9:*:*:*:*:*:*",
              "matchCriteriaId": "18B70D77-F631-47D8-95A5-1D3A7E8BF63B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:*:update_13:*:*:*:*:*:*",
              "matchCriteriaId": "C150A6B7-9C4C-46E4-99B6-792A0D326E84",
              "versionEndIncluding": "6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "2A2379FC-BC33-4C90-97DD-ED3723172008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_10:*:*:*:*:*:*",
              "matchCriteriaId": "86A1256D-7A34-4FDD-9536-82FD6497A712",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_11:*:*:*:*:*:*",
              "matchCriteriaId": "3BB5E47A-8C17-4995-9EF8-01BFA0B702B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_12:*:*:*:*:*:*",
              "matchCriteriaId": "9300FA38-C234-4BD8-ADB6-D2A29EBA81DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_13:*:*:*:*:*:*",
              "matchCriteriaId": "C87F6EE3-F66B-4F15-89BA-26A4D3AD2556",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_14:*:*:*:*:*:*",
              "matchCriteriaId": "56F0F497-6586-408B-80AF-6BC2B9909397",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_15:*:*:*:*:*:*",
              "matchCriteriaId": "1E022C6E-20DE-4124-9CA3-11400E13A05A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_16:*:*:*:*:*:*",
              "matchCriteriaId": "5A34B1CB-EE08-48BB-BEC1-0720801DA0D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_17:*:*:*:*:*:*",
              "matchCriteriaId": "57E2C9F7-ACD1-4A89-AB18-ADF595995772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_19:*:*:*:*:*:*",
              "matchCriteriaId": "89041A24-8354-410B-8026-875CC1791565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "D594E269-D722-45FC-B390-B0D38ADEC923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_3:*:*:*:*:*:*",
              "matchCriteriaId": "3CAA89D6-651A-4B8C-A134-C3A2CB84002A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_4:*:*:*:*:*:*",
              "matchCriteriaId": "B930EAFB-F2E6-4FCA-A21B-022656396A2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_5:*:*:*:*:*:*",
              "matchCriteriaId": "4B20EB5F-D12A-4267-9887-C39A188EB9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_6:*:*:*:*:*:*",
              "matchCriteriaId": "52347FDC-9983-4A64-8031-B4A50DDC9BBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_7:*:*:*:*:*:*",
              "matchCriteriaId": "C95654B3-ACA0-4B0D-9F31-B9C5FB7B9C96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_8:*:*:*:*:*:*",
              "matchCriteriaId": "8387A041-582A-4010-9C44-672090F41A72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_9:*:*:*:*:*:*",
              "matchCriteriaId": "D1F2D335-CDDF-4D2E-80CA-F1A0AF92501A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "0F98D2BD-2AC1-4C4C-8A10-71093DCBC4E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_10:*:*:*:*:*:*",
              "matchCriteriaId": "2D6FCAFC-F41C-4C6F-9EA4-46AEFF65CC5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_11:*:*:*:*:*:*",
              "matchCriteriaId": "8BA9E6CD-F43F-487D-9638-406B72D51471",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_12:*:*:*:*:*:*",
              "matchCriteriaId": "9D2F4664-E158-45ED-81B6-D8371F1C6B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "CDC09958-5286-4C16-AB6F-63B4BDD902B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_3:*:*:*:*:*:*",
              "matchCriteriaId": "BDE1E9E9-85EF-4ACA-902B-00225EB4324F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_4:*:*:*:*:*:*",
              "matchCriteriaId": "E0CDBFCB-42EA-4F19-A98D-7696B0D526CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_5:*:*:*:*:*:*",
              "matchCriteriaId": "53DCFF2A-77A7-41DB-A712-9B6D1FD2574A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_6:*:*:*:*:*:*",
              "matchCriteriaId": "82C6F76F-68FD-4794-9182-935D85910C1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_7:*:*:*:*:*:*",
              "matchCriteriaId": "6314C9DF-9421-445D-ABCC-79EDCED23156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_8:*:*:*:*:*:*",
              "matchCriteriaId": "533670FA-B8DC-40B4-ADC1-CCD70E4A43A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_9:*:*:*:*:*:*",
              "matchCriteriaId": "119B72FA-8B85-4D1F-8A14-5B07204DAED5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "El SOCKS proxy implementado en Java Runtime Environment (JRE) en JDK y JRE v6 anterior Update v15, y JDK y JRE v5.0 anterior Update v20, permite a atacantes remotos descubrir la cuenta de usuario que invoca un (1) applet o (2)aplicaci\u00f3n Java Web Start no confiable a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2009-2671",
  "lastModified": "2026-04-23T00:35:47.467",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-08-05T19:30:01.187",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html#150_20"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36162"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36176"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36180"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36199"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36248"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/37300"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/37386"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/37460"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-263409-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/35943"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1022659"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-294A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/2543"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/3316"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52336"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11115"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8259"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1199.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html#150_20"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36162"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36176"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36180"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36199"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36248"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37300"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37386"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37460"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-263409-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/35943"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022659"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-294A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/2543"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/3316"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52336"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11115"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8259"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1199.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.