Vulnerability Description
Multiple unspecified vulnerabilities in the (1) X11 and (2) Win32GraphicsDevice subsystems in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and attack vectors, related to failure to clone arrays that are returned by the getConfigurations function, aka Bug Id 6822057.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sun | Jre | <= 1.5.0 |
| Sun | Openjdk | All versions |
References
- http://java.sun.com/j2se/1.5.0/ReleaseNotes.htmlVendor Advisory
- http://java.sun.com/javase/6/webnotes/6u17.htmlVendor Advisory
- http://secunia.com/advisories/37386
- http://security.gentoo.org/glsa/glsa-200911-02.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:084
- https://bugzilla.redhat.com/show_bug.cgi?id=530297
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://java.sun.com/j2se/1.5.0/ReleaseNotes.htmlVendor Advisory
- http://java.sun.com/javase/6/webnotes/6u17.htmlVendor Advisory
- http://secunia.com/advisories/37386
- http://security.gentoo.org/glsa/glsa-200911-02.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:084
- https://bugzilla.redhat.com/show_bug.cgi?id=530297
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2009-3879?
CVE-2009-3879 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple unspecified vulnerabilities in the (1) X11 and (2) Win32GraphicsDevice subsystems in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and attack vecto...
How severe is CVE-2009-3879?
CVE-2009-3879 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-3879?
Check the references section above for vendor advisories and patch information. Affected products include: Sun Jre, Sun Openjdk.