CVE-2009-2676 — MEDIUM (6.8)

Q: How severe is CVE-2009-2676?

CVE-2009-2676 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2009-2676?

Check the references section above for vendor advisories and patch information. Affected products include: Sun Java Se, Sun Jdk, Sun Jre, Sun Sdk.

Vulnerability Description

Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE 5.0 Update 19 and earlier; and Java SE for Business in SDK and JRE 1.4.2_21 and earlier; allows remote attackers to create or modify arbitrary files via vectors involving an untrusted Java applet that accesses an old version of JNLPAppletLauncher.

CVSS Score

6.8

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Sun	Java Se	All versions
Sun	Jdk	<= 1.5.0
Sun	Jre	<= 1.5.0
Sun	Sdk	<= 1.4.2_21

References

FAQ

What is CVE-2009-2676?

CVE-2009-2676 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE 5.0 Update 19 and earlier; and Java SE for Business in SDK a...

How severe is CVE-2009-2676?

CVE-2009-2676 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2009-2676?

Check the references section above for vendor advisories and patch information. Affected products include: Sun Java Se, Sun Jdk, Sun Jre, Sun Sdk.