Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2009-3881

CVE information

Published

14 years ago

Last Modified

6 years ago

CVSSv2.0 Severity

High

Impact Analysis

Description

Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not prevent the existence of children of a resurrected ClassLoader, which allows remote attackers to gain privileges via unspecified vectors, related to an "information leak vulnerability," aka Bug Id 6636650..

CVSSv2.0 Score

Severity
High
Base Score
7.5/10
Exploit Score
10/10
Access Vector
Network
Access Complexity
Low
Authentication Required
None
Impact Score
6.4/10
Confidentiality Impact
Partial
Availability Impact
Partial
Integrity Impact
Partial

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.5.0:update_14:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.5.0:update_13:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.5.0:update_6:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.5.0:update_11:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.5.0:update_12:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.5.0:update_15:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.5.0:update_5:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.5.0:update_3:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.5.0:update_19:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.5.0:update_16:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:openjdk:*:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.5.0:update_2:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:*:update_21:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.5.0:update_18:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.5.0:update_20:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.6.0:update_8:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.5.0:update_8:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.5.0:update_1:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.5.0:update_17:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.5.0:update_4:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.5.0:update_7:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:*:update_16:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.5.0:update_9:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*
  Yes
- -