VDB
CVE-2009-2674
CVE-2009-2674
PUBLISHED
CVSS 7.5 HIGH
Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow.
EPSS 3.98% · 88.6th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
3.98%
88.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| sun | jre | 6, 6, 6 |
| sun | jdk | 1.6.0, 6, 6 |
Exploit Intelligence
- http://www.zerodayinitiative.com/advisories/ZDI-09-050/ (circl)
- RHSA-2009:1200 (circl)
- 36162 (circl)
- ADV-2009-2543 (circl)
- GLSA-200911-02 (circl)
- HPSBUX02476 (circl)
- oval:org.mitre.oval:def:10073 (circl)
- 36248 (circl)
- 263428 (circl)
- MDVSA-2009:209 (circl)
…and 16 more exploits
Timeline
- Aug 5, 2009 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 11, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- http://www.zerodayinitiative.com/advisories/ZDI-09-050/ url
- RHSA-2009:1200 vendor-advisory
- 36162 third-party-advisory
- ADV-2009-2543 vdb
- GLSA-200911-02 vendor-advisory
- HPSBUX02476 vendor-advisory
- oval:org.mitre.oval:def:10073 vdb
- 36248 third-party-advisory
- 263428 vendor-advisory
- MDVSA-2009:209 vendor-advisory
- FEDORA-2009-8329 vendor-advisory
- TA09-294A third-party-advisory
- 36180 third-party-advisory
- oval:org.mitre.oval:def:8073 vdb
- http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html url
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1 url
- 36176 third-party-advisory
- FEDORA-2009-8337 vendor-advisory
- SUSE-SR:2009:016 vendor-advisory
- 37300 third-party-advisory
…and 8 more