Vulnerability Description
Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allow remote attackers to cause a denial of service (disk consumption) via vectors related to temporary font files and (1) "limits on Font creation," aka CR 6522586, and (2) another unspecified vector, aka CR 6632886.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sun | Jdk | <= 1.5.0 |
| Sun | Jre | <= 1.5.0 |
References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&obje
- http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html
- http://marc.info/?l=bugtraq&m=124344236532162&w=2
- http://secunia.com/advisories/34489
- http://secunia.com/advisories/34495
- http://secunia.com/advisories/34496
- http://secunia.com/advisories/35156
- http://secunia.com/advisories/35223
- http://secunia.com/advisories/35255
- http://secunia.com/advisories/35416
- http://secunia.com/advisories/35776
- http://secunia.com/advisories/36185
FAQ
What is CVE-2009-1100?
CVE-2009-1100 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allow remote attackers to cause a denia...
How severe is CVE-2009-1100?
CVE-2009-1100 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-1100?
Check the references section above for vendor advisories and patch information. Affected products include: Sun Jdk, Sun Jre.