CVE-2009-1100

high

Description

Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allow remote attackers to cause a denial of service (disk consumption) via vectors related to temporary font files and (1) "limits on Font creation," aka CR 6522586, and (2) another unspecified vector, aka CR 6632886.

References

https://rhn.redhat.com/errata/RHSA-2009-1198.html

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6224

http://www.vupen.com/english/advisories/2009/3316

http://www.vupen.com/english/advisories/2009/1426

http://www.vmware.com/security/advisories/VMSA-2009-0016.html

http://www.ubuntu.com/usn/usn-748-1

http://www.securitytracker.com/id?1021917

http://www.securityfocus.com/bid/34240

http://www.securityfocus.com/archive/1/507985/100/0/threaded

http://www.redhat.com/support/errata/RHSA-2009-1038.html

http://www.redhat.com/support/errata/RHSA-2009-0394.html

http://www.redhat.com/support/errata/RHSA-2009-0392.html

http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html

http://support.avaya.com/elmodocs2/security/ASA-2009-109.htm

http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm

http://sunsolve.sun.com/search/document.do?assetkey=1-66-254608-1

http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-19-1

http://security.gentoo.org/glsa/glsa-200911-02.xml

http://secunia.com/advisories/37460

http://secunia.com/advisories/37386

http://secunia.com/advisories/36185

http://secunia.com/advisories/35776

http://secunia.com/advisories/35416

http://secunia.com/advisories/35255

http://secunia.com/advisories/35223

http://secunia.com/advisories/35156

http://secunia.com/advisories/34496

http://secunia.com/advisories/34495

http://secunia.com/advisories/34489

http://marc.info/?l=bugtraq&m=124344236532162&w=2

http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html

http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00003.html

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133

Details

Source: Mitre, NVD

Published: 2009-03-25

Updated: 2018-10-10

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High