Sun Java JRE Multiple Vulnerabilities (254569 / 254611 / 254608 ..)

high Nessus Plugin ID 36034
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.


The remote Windows host contains a runtime environment that is affected by multiple vulnerabilities.


The version of Sun Java Runtime Environment (JRE) installed on the remote host is earlier than 6 Update 13 / 5.0 Update 18 / 1.4.2_20 / 1.3.1_25. Such versions are potentially affected by the following security issues :

- A denial of service vulnerability affects the JRE LDAP implementation. (254569).

- A remote code execution vulnerability in the JRE LDAP implementation may allow for arbitrary code to be run in the context of the affected LDAP client. (254569)

- There are multiple integer and buffer overflow vulnerabilities when unpacking applets and Java Web Start applications using the 'unpack2000' utility.

- There are multiple denial of service vulnerabilities related to the storing and processing of temporary font files. (254608)

- A privilege-escalation vulnerability affects the Java Plug-in when deserializing applets. (254611)

- A weakness in the Java Plug-in allows JavaScript loaded from the localhost to connect to arbitrary ports on the local system. (254611)

- A vulnerability in the Java Plug-in allows malicious JavaScript code to exploit vulnerabilities in earlier versions of the JRE that have been loaded by an applet located on the same web page. (254611)

- An issue exists in the Java Plug-in when parsing 'crossdomain.xml' allows an untrusted applet to connect to an arbitrary site hosting a 'crossdomain.xml' file.

- The Java Plug-in allows a malicious signed applet to obscure the contents of a security dialog. (254611)

- The JRE Virtual Machine is affected by a privilege-escalation vulnerability. (254610)

- There are multiple buffer overflow vulnerabilities involving the JRE's processing of PNG and GIF images.

- There are multiple buffer overflow vulnerabilities involving the JRE's processing of fonts. (254571)

- A denial of service vulnerability affects the JRE HTTP server implementation, which could be used to cause a denial of service on a JAX-WS service endpoint. (254609)


Update to Sun Java JDK / JRE 6 Update 13, JDK / JRE 5.0 Update 18, SDK / JRE 1.4.2_20, or SDK / JRE 1.3.1_25 or later and remove, if necessary, any affected versions.

See Also

Plugin Details

Severity: High

ID: 36034

File Name: sun_java_jre_254569.nasl

Version: 1.26

Type: local

Agent: windows

Family: Windows

Published: 3/27/2009

Updated: 11/15/2018

Dependencies: sun_java_jre_installed.nasl

Risk Information


Risk Factor: Medium

Score: 6


Risk Factor: High

Base Score: 9.3

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C


Risk Factor: High

Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*

Required KB Items: SMB/Java/JRE/Installed

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/24/2009

Reference Information

CVE: CVE-2009-1093, CVE-2009-1094, CVE-2009-1095, CVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099, CVE-2009-1100, CVE-2009-1101, CVE-2009-1103, CVE-2009-1104, CVE-2009-1105, CVE-2009-1106, CVE-2009-1107, CVE-2006-2426, CVE-2009-1102

BID: 34240

CWE: 119, 20, 189, 16, 94