CVE-2009-2690 — Vulnetix

Try Vulnetix Request Demo

CVE-2009-2690 PUBLISHED CVSS 5 MEDIUM

The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted (1) applet or (2) application.

EPSS 4.37% · 88.9th percentile

Risk Scores

CVSS v2.0

5

EPSS Score

4.37%

88.9th percentile

Affected Products

Vendor	Product	Versions
sun	java_se	0
sun	openjdk
n/a	n/a	n/a

Timeline

Aug 10, 2009 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score

References

RHSA-2009:1200 vendor-advisory
36162 third-party-advisory
ADV-2009-2543 vdb
GLSA-200911-02 vendor-advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1 url
oval:org.mitre.oval:def:9443 vdb
https://bugzilla.redhat.com/show_bug.cgi?id=513223 url
MDVSA-2009:209 vendor-advisory
FEDORA-2009-8329 vendor-advisory
http://java.sun.com/javase/6/webnotes/6u15.html url
36180 third-party-advisory
36176 third-party-advisory
FEDORA-2009-8337 vendor-advisory
SUSE-SR:2009:016 vendor-advisory
APPLE-SA-2009-09-03-1 vendor-advisory
RHSA-2009:1201 vendor-advisory
37386 third-party-advisory
https://nvd.nist.gov/vuln/detail/CVE-2009-2690 advisory

Open in Interactive Console →