FKIE_CVE-2009-2673

Vulnerability from fkie_nvd - Published: 2009-08-05 19:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unspecified vectors, related to a declaration that lacks the final keyword.
References
cve@mitre.orghttp://java.sun.com/j2se/1.5.0/ReleaseNotes.html#150_20
cve@mitre.orghttp://java.sun.com/javase/6/webnotes/6u15.html
cve@mitre.orghttp://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html
cve@mitre.orghttp://marc.info/?l=bugtraq&m=125787273209737&w=2
cve@mitre.orghttp://osvdb.org/56785
cve@mitre.orghttp://secunia.com/advisories/36162
cve@mitre.orghttp://secunia.com/advisories/36176
cve@mitre.orghttp://secunia.com/advisories/36180
cve@mitre.orghttp://secunia.com/advisories/36199
cve@mitre.orghttp://secunia.com/advisories/36248
cve@mitre.orghttp://secunia.com/advisories/37300
cve@mitre.orghttp://secunia.com/advisories/37386
cve@mitre.orghttp://secunia.com/advisories/37460
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200911-02.xml
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1Patch, Vendor Advisory
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-66-263409-1Patch
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2009:209
cve@mitre.orghttp://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html
cve@mitre.orghttp://www.securityfocus.com/archive/1/507985/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/35943
cve@mitre.orghttp://www.securitytracker.com/id?1022659
cve@mitre.orghttp://www.us-cert.gov/cas/techalerts/TA09-294A.htmlUS Government Resource
cve@mitre.orghttp://www.vmware.com/security/advisories/VMSA-2009-0016.html
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/2543
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/3316
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/52338
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10263
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8558
cve@mitre.orghttps://rhn.redhat.com/errata/RHSA-2009-1199.html
cve@mitre.orghttps://rhn.redhat.com/errata/RHSA-2009-1200.html
cve@mitre.orghttps://rhn.redhat.com/errata/RHSA-2009-1201.html
cve@mitre.orghttps://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html
cve@mitre.orghttps://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html
af854a3a-2127-422b-91ae-364da2661108http://java.sun.com/j2se/1.5.0/ReleaseNotes.html#150_20
af854a3a-2127-422b-91ae-364da2661108http://java.sun.com/javase/6/webnotes/6u15.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=125787273209737&w=2
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/56785
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/36162
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/36176
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/36180
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/36199
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/36248
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37300
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37386
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37460
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200911-02.xml
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-66-263409-1Patch
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:209
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/507985/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/35943
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022659
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA09-294A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2009-0016.html
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2543
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/3316
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/52338
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10263
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8558
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1199.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1200.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1201.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html
Impacted products
Vendor Product Version
sun jdk *
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 5.0
sun jdk 6
sun jdk 6
sun jdk 6
sun jdk 6
sun jdk 6
sun jdk 6
sun jdk 6
sun jdk 6
sun jdk 6
sun jdk 6
sun jdk 6
sun jdk 6
sun jre *
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 5.0
sun jre 6
sun jre 6
sun jre 6
sun jre 6
sun jre 6
sun jre 6
sun jre 6
sun jre 6
sun jre 6
sun jre 6
sun jre 6
sun jre 6
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:jdk:*:update_13:*:*:*:*:*:*",
              "matchCriteriaId": "E6AF4AEB-CB27-4AAB-B4A9-CC65EC831D77",
              "versionEndIncluding": "6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "6BB00A29-FEBB-4139-9E96-691EC1410EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_10:*:*:*:*:*:*",
              "matchCriteriaId": "DD8CC179-F76E-4CC2-9CBD-69CBBA5BD532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_11:*:*:*:*:*:*",
              "matchCriteriaId": "C2DC7389-9697-4EF0-9C4E-153731CDD75D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_12:*:*:*:*:*:*",
              "matchCriteriaId": "C5F476C8-5466-4E6B-B73B-4ACFBB02AD5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_13:*:*:*:*:*:*",
              "matchCriteriaId": "D8C7C8C1-AA0D-4BD9-A8EC-85BBE627DE13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_14:*:*:*:*:*:*",
              "matchCriteriaId": "BAF0844B-ECB1-4AF0-AA32-1B8789AC5042",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_15:*:*:*:*:*:*",
              "matchCriteriaId": "0EFEB813-B20D-4C8B-922D-0603CB93F72A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_16:*:*:*:*:*:*",
              "matchCriteriaId": "41CE5B2D-5594-4026-BABF-CBE485764D8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_17:*:*:*:*:*:*",
              "matchCriteriaId": "DFB84BBA-D93E-4517-BA7A-FCFB860736CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "25322D24-C5D9-43A6-87CC-1BF7FA6A3E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_3:*:*:*:*:*:*",
              "matchCriteriaId": "400FDCDE-16DE-4BD6-81E2-4A5DA12E99CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_4:*:*:*:*:*:*",
              "matchCriteriaId": "82C49C78-ACE3-407D-AE21-EA180633C437",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_5:*:*:*:*:*:*",
              "matchCriteriaId": "5F91F8A2-D473-48DC-81DA-21291DE7B6E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_6:*:*:*:*:*:*",
              "matchCriteriaId": "3E46B3B4-9E1C-4C87-A4CD-C4CE7FBCA7F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_7:*:*:*:*:*:*",
              "matchCriteriaId": "0F69C703-8541-4AA8-A66A-0292E0FCB749",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_8:*:*:*:*:*:*",
              "matchCriteriaId": "99E08AB2-49AD-42C6-967F-773F2C6E188A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:5.0:update_9:*:*:*:*:*:*",
              "matchCriteriaId": "9459F130-A3DD-4A4E-9582-4FB82619EB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "9C9F6EA8-6A88-4485-89A3-0FDF84AB51DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_10:*:*:*:*:*:*",
              "matchCriteriaId": "D7680A8A-EC07-4819-A93C-B8EBF8B1199F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_11:*:*:*:*:*:*",
              "matchCriteriaId": "FA89349B-834C-42D0-84C6-CA73CE1F8B26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_12:*:*:*:*:*:*",
              "matchCriteriaId": "B7865369-9DE6-4C20-ACD2-CCC14ED54701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "67E0818A-3675-4293-89FE-5001E36C0F38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_3:*:*:*:*:*:*",
              "matchCriteriaId": "95112B98-B6B2-43FA-BF76-F518649CF3BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_4:*:*:*:*:*:*",
              "matchCriteriaId": "3A18341A-3688-48E7-95AD-283EC9C95B4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_5:*:*:*:*:*:*",
              "matchCriteriaId": "E301C59A-47F5-4861-9091-D0002CBA5B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_6:*:*:*:*:*:*",
              "matchCriteriaId": "BCD4F889-710C-43C5-85DD-70E96F8FE313",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_7:*:*:*:*:*:*",
              "matchCriteriaId": "ED195051-AAC7-4EE1-B936-18D1C8AD2498",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_8:*:*:*:*:*:*",
              "matchCriteriaId": "44146DF6-F368-4F17-B379-34194873D80F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jdk:6:update_9:*:*:*:*:*:*",
              "matchCriteriaId": "18B70D77-F631-47D8-95A5-1D3A7E8BF63B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:*:update_13:*:*:*:*:*:*",
              "matchCriteriaId": "C150A6B7-9C4C-46E4-99B6-792A0D326E84",
              "versionEndIncluding": "6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "2A2379FC-BC33-4C90-97DD-ED3723172008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_10:*:*:*:*:*:*",
              "matchCriteriaId": "86A1256D-7A34-4FDD-9536-82FD6497A712",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_11:*:*:*:*:*:*",
              "matchCriteriaId": "3BB5E47A-8C17-4995-9EF8-01BFA0B702B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_12:*:*:*:*:*:*",
              "matchCriteriaId": "9300FA38-C234-4BD8-ADB6-D2A29EBA81DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_13:*:*:*:*:*:*",
              "matchCriteriaId": "C87F6EE3-F66B-4F15-89BA-26A4D3AD2556",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_14:*:*:*:*:*:*",
              "matchCriteriaId": "56F0F497-6586-408B-80AF-6BC2B9909397",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_15:*:*:*:*:*:*",
              "matchCriteriaId": "1E022C6E-20DE-4124-9CA3-11400E13A05A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_16:*:*:*:*:*:*",
              "matchCriteriaId": "5A34B1CB-EE08-48BB-BEC1-0720801DA0D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_17:*:*:*:*:*:*",
              "matchCriteriaId": "57E2C9F7-ACD1-4A89-AB18-ADF595995772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_19:*:*:*:*:*:*",
              "matchCriteriaId": "89041A24-8354-410B-8026-875CC1791565",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "D594E269-D722-45FC-B390-B0D38ADEC923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_3:*:*:*:*:*:*",
              "matchCriteriaId": "3CAA89D6-651A-4B8C-A134-C3A2CB84002A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_4:*:*:*:*:*:*",
              "matchCriteriaId": "B930EAFB-F2E6-4FCA-A21B-022656396A2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_5:*:*:*:*:*:*",
              "matchCriteriaId": "4B20EB5F-D12A-4267-9887-C39A188EB9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_6:*:*:*:*:*:*",
              "matchCriteriaId": "52347FDC-9983-4A64-8031-B4A50DDC9BBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_7:*:*:*:*:*:*",
              "matchCriteriaId": "C95654B3-ACA0-4B0D-9F31-B9C5FB7B9C96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_8:*:*:*:*:*:*",
              "matchCriteriaId": "8387A041-582A-4010-9C44-672090F41A72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:5.0:update_9:*:*:*:*:*:*",
              "matchCriteriaId": "D1F2D335-CDDF-4D2E-80CA-F1A0AF92501A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "0F98D2BD-2AC1-4C4C-8A10-71093DCBC4E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_10:*:*:*:*:*:*",
              "matchCriteriaId": "2D6FCAFC-F41C-4C6F-9EA4-46AEFF65CC5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_11:*:*:*:*:*:*",
              "matchCriteriaId": "8BA9E6CD-F43F-487D-9638-406B72D51471",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_12:*:*:*:*:*:*",
              "matchCriteriaId": "9D2F4664-E158-45ED-81B6-D8371F1C6B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "CDC09958-5286-4C16-AB6F-63B4BDD902B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_3:*:*:*:*:*:*",
              "matchCriteriaId": "BDE1E9E9-85EF-4ACA-902B-00225EB4324F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_4:*:*:*:*:*:*",
              "matchCriteriaId": "E0CDBFCB-42EA-4F19-A98D-7696B0D526CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_5:*:*:*:*:*:*",
              "matchCriteriaId": "53DCFF2A-77A7-41DB-A712-9B6D1FD2574A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_6:*:*:*:*:*:*",
              "matchCriteriaId": "82C6F76F-68FD-4794-9182-935D85910C1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_7:*:*:*:*:*:*",
              "matchCriteriaId": "6314C9DF-9421-445D-ABCC-79EDCED23156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_8:*:*:*:*:*:*",
              "matchCriteriaId": "533670FA-B8DC-40B4-ADC1-CCD70E4A43A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:6:update_9:*:*:*:*:*:*",
              "matchCriteriaId": "119B72FA-8B85-4D1F-8A14-5B07204DAED5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unspecified vectors, related to a declaration that lacks the final keyword."
    },
    {
      "lang": "es",
      "value": "El mecanismo proxy implementado en Sun Java Runtime Environment (JRE) en JDK y JRE v6 anteriores Update v15, y JDK y JRE v5.0 anteriores Update v20, permite a atacantes remotos evitar las restricciones de acceso previstas y conectarse a sitios a su elecci\u00f3n a trav\u00e9s de vectores no especificados, relacionados con una declaraci\u00f3n que carece de clave final."
    }
  ],
  "id": "CVE-2009-2673",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-08-05T19:30:01.233",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html#150_20"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/56785"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36162"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36176"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36180"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36199"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36248"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/37300"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/37386"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/37460"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-263409-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/35943"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1022659"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-294A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/2543"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/3316"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52338"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10263"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8558"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1199.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html#150_20"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/56785"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36162"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36176"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36180"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36199"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36248"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37300"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37386"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37460"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-263409-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/35943"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022659"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-294A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/2543"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/3316"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52338"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10263"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8558"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1199.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.