github - ghsa-pc3p-mx4p-7j4f

ghsa-pc3p-mx4p-7j4f

Vulnerability from github

Published

2022-05-02 03:49

Modified

2022-05-02 03:49

Details

The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local files via vectors related to handling of zoneinfo (aka tz) files, aka Bug Id 6824265.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-3884"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-11-09T19:30:00Z",
    "severity": "MODERATE"
  },
  "details": "The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local files via vectors related to handling of zoneinfo (aka tz) files, aka Bug Id 6824265.",
  "id": "GHSA-pc3p-mx4p-7j4f",
  "modified": "2022-05-02T03:49:40Z",
  "published": "2022-05-02T03:49:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3884"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530300"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11686"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6960"
    },
    {
      "type": "WEB",
      "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
    },
    {
      "type": "WEB",
      "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/37386"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/37581"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT3969"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT3970"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2009-3884

Vulnerability from cvelistv5

Published

2009-11-09 19:00

Modified

2024-08-07 06:45

Severity

Summary

References

URL	Tags
https://bugzilla.redhat.com/show_bug.cgi?id=530300	x_refsource_CONFIRM
http://support.apple.com/kb/HT3970	x_refsource_CONFIRM
http://support.apple.com/kb/HT3969	x_refsource_CONFIRM
http://security.gentoo.org/glsa/glsa-200911-02.xml	vendor-advisory, x_refsource_GENTOO
http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html	vendor-advisory, x_refsource_APPLE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11686	vdb-entry, signature, x_refsource_OVAL
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6960	vdb-entry, signature, x_refsource_OVAL
http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html	vendor-advisory, x_refsource_APPLE
http://secunia.com/advisories/37581	third-party-advisory, x_refsource_SECUNIA
http://java.sun.com/javase/6/webnotes/6u17.html	x_refsource_CONFIRM
http://java.sun.com/j2se/1.5.0/ReleaseNotes.html	x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDVSA-2010:084	vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/37386	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website