CVE-2009-3871

Severity

Theme

CVE-2009-3871

high

New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358.

ID	Name	Product	Family	Severity
89736	VMware ESX Java Runtime Environment (JRE) Multiple Vulnerabilities (VMSA-2010-0002) (remote check)	Nessus	VMware ESX Local Security Checks	critical
67960	Oracle Linux 5 : java-1.6.0-openjdk (ELSA-2009-1584)	Nessus	Oracle Linux Local Security Checks	critical
67075	CentOS 5 : java-1.6.0-openjdk (CESA-2009:1584)	Nessus	CentOS Local Security Checks	critical
64831	Sun Java JRE Multiple Vulnerabilities (269868 / 269869 / 270476 ...) (Unix)	Nessus	Misc.	high
60691	Scientific Linux Security Update : java (jdk 1.6.0) on SL4.x, SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
49863	SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 6741)	Nessus	SuSE Local Security Checks	high
49861	SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 6755)	Nessus	SuSE Local Security Checks	high
46176	Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2010:084)	Nessus	Mandriva Local Security Checks	high
45386	VMSA-2010-0002 : VMware vCenter update release addresses multiple security issues in Java JRE	Nessus	VMware ESX Local Security Checks	critical
44029	RHEL 4 / 5 : IBM Java Runtime in Satellite Server (RHSA-2010:0043)	Nessus	Red Hat Local Security Checks	critical
43872	SuSE 11 Security Update : IBM Java 1.6.0 (SAT Patch Number 1748)	Nessus	SuSE Local Security Checks	high
43859	SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 6757)	Nessus	SuSE Local Security Checks	high
43857	SuSE 11 Security Update : IBM Java 1.4.2 (SAT Patch Number 1744)	Nessus	SuSE Local Security Checks	high
43854	SuSE9 Security Update : IBM Java2 JRE and SDK (YOU Patch Number 12565)	Nessus	SuSE Local Security Checks	high
43822	SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 6740)	Nessus	SuSE Local Security Checks	high
43599	SuSE9 Security Update : IBM Java 1.5.0 (YOU Patch Number 12564)	Nessus	SuSE Local Security Checks	high
43597	RHEL 4 / 5 : java-1.6.0-ibm (RHSA-2009:1694)	Nessus	Red Hat Local Security Checks	critical
43079	RHEL 4 / 5 : java-1.5.0-ibm (RHSA-2009:1647)	Nessus	Red Hat Local Security Checks	critical
43048	RHEL 3 / 4 / 5 : java-1.4.2-ibm (RHSA-2009:1643)	Nessus	Red Hat Local Security Checks	critical
43003	Mac OS X : Java for Mac OS X 10.6 Update 1	Nessus	MacOS X Local Security Checks	high
43002	Mac OS X : Java for Mac OS X 10.5 Update 6	Nessus	MacOS X Local Security Checks	high
42926	openSUSE Security Update : java-1_6_0-openjdk (java-1_6_0-openjdk-1613)	Nessus	SuSE Local Security Checks	high
42923	openSUSE Security Update : java-1_6_0-openjdk (java-1_6_0-openjdk-1613)	Nessus	SuSE Local Security Checks	high
42921	openSUSE Security Update : java-1_6_0-openjdk (java-1_6_0-openjdk-1613)	Nessus	SuSE Local Security Checks	high
42857	SuSE 11 Security Update : Sun Java 1.6.0 (SAT Patch Number 1542)	Nessus	SuSE Local Security Checks	high
42855	openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-1541)	Nessus	SuSE Local Security Checks	high
42853	openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-1541)	Nessus	SuSE Local Security Checks	high
42851	openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-1541)	Nessus	SuSE Local Security Checks	high
42834	GLSA-200911-02 : Sun JDK/JRE: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
42828	RHEL 5 : java-1.6.0-openjdk (RHSA-2009:1584)	Nessus	Red Hat Local Security Checks	critical
42817	Ubuntu 8.10 / 9.04 / 9.10 : openjdk-6 vulnerabilities (USN-859-1)	Nessus	Ubuntu Local Security Checks	critical
42806	Fedora 10 : java-1.6.0-openjdk-1.6.0.0-23.b16.fc10 (2009-11490)	Nessus	Fedora Local Security Checks	high
42805	Fedora 12 : java-1.6.0-openjdk-1.6.0.0-33.b16.fc12 (2009-11489)	Nessus	Fedora Local Security Checks	high
42802	Fedora 11 : java-1.6.0-openjdk-1.6.0.0-30.b16.fc11 (2009-11486)	Nessus	Fedora Local Security Checks	high
42460	openSUSE Security Update : java-1_5_0-sun (java-1_5_0-sun-1529)	Nessus	SuSE Local Security Checks	high
42457	openSUSE Security Update : java-1_5_0-sun (java-1_5_0-sun-1529)	Nessus	SuSE Local Security Checks	high
42455	RHEL 4 / 5 : java-1.5.0-sun (RHSA-2009:1571)	Nessus	Red Hat Local Security Checks	critical
42431	RHEL 4 / 5 : java-1.6.0-sun (RHSA-2009:1560)	Nessus	Red Hat Local Security Checks	critical
42373	Sun Java JRE Multiple Vulnerabilities (269868 / 269869 / 270476 ..)	Nessus	Windows	high

CVE-2009-3871

high

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Configuration 4

Tenable Plugins

critical

critical

critical

high

high

high

high

high

critical

critical

high

high

high

high

high

high

critical

critical

critical

high

high

high

high

high

high

high

high

high

critical

critical

critical

high

high

high

high

high

critical

critical

high