Vulnerability Description
Unspecified vulnerability in deserialization in the Provider class in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, aka BugId 6444262.
CVSS Score
10.0
HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sun | Java Se | <= 5.0 |
References
- http://java.sun.com/j2se/1.5.0/ReleaseNotes.htmlPatchVendor Advisory
- http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html
- http://secunia.com/advisories/37386
- http://secunia.com/advisories/37460
- http://security.gentoo.org/glsa/glsa-200911-02.xml
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1PatchVendor Advisory
- http://www.securityfocus.com/archive/1/507985/100/0/threaded
- http://www.vmware.com/security/advisories/VMSA-2009-0016.html
- http://www.vupen.com/english/advisories/2009/2543
- http://www.vupen.com/english/advisories/2009/3316
- http://java.sun.com/j2se/1.5.0/ReleaseNotes.htmlPatchVendor Advisory
- http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html
- http://secunia.com/advisories/37386
- http://secunia.com/advisories/37460
- http://security.gentoo.org/glsa/glsa-200911-02.xml
FAQ
What is CVE-2009-2723?
CVE-2009-2723 is a vulnerability with a CVSS score of 10.0 (HIGH). Unspecified vulnerability in deserialization in the Provider class in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, aka BugId 6444262.
How severe is CVE-2009-2723?
CVE-2009-2723 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-2723?
Check the references section above for vendor advisories and patch information. Affected products include: Sun Java Se.