CVE Vulnerabilities

CVE-2009-3885

Published: Nov 09, 2009 | Modified: Sep 19, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu
LOW

Sun Java SE 5.0 before Update 22 and 6 before Update 17 on Windows allows remote attackers to cause a denial of service via a BMP file containing a link to a UNC share pathname for an International Color Consortium (ICC) profile file, probably a related issue to CVE-2007-2789, aka Bug Id 6632445.

Affected Software

Name Vendor Start Version End Version
Jre Sun * 1.5.0 (including)
Jre Sun * 1.6.0 (including)
Jre Sun 1.5.0-update_1 (including) 1.5.0-update_1 (including)
Jre Sun 1.5.0-update_11 (including) 1.5.0-update_11 (including)
Jre Sun 1.5.0-update_12 (including) 1.5.0-update_12 (including)
Jre Sun 1.5.0-update_13 (including) 1.5.0-update_13 (including)
Jre Sun 1.5.0-update_14 (including) 1.5.0-update_14 (including)
Jre Sun 1.5.0-update_15 (including) 1.5.0-update_15 (including)
Jre Sun 1.5.0-update_16 (including) 1.5.0-update_16 (including)
Jre Sun 1.5.0-update_17 (including) 1.5.0-update_17 (including)
Jre Sun 1.5.0-update_18 (including) 1.5.0-update_18 (including)
Jre Sun 1.5.0-update_19 (including) 1.5.0-update_19 (including)
Jre Sun 1.5.0-update_2 (including) 1.5.0-update_2 (including)
Jre Sun 1.5.0-update_20 (including) 1.5.0-update_20 (including)
Jre Sun 1.5.0-update_3 (including) 1.5.0-update_3 (including)
Jre Sun 1.5.0-update_4 (including) 1.5.0-update_4 (including)
Jre Sun 1.5.0-update_5 (including) 1.5.0-update_5 (including)
Jre Sun 1.5.0-update_6 (including) 1.5.0-update_6 (including)
Jre Sun 1.5.0-update_7 (including) 1.5.0-update_7 (including)
Jre Sun 1.5.0-update_8 (including) 1.5.0-update_8 (including)
Jre Sun 1.5.0-update_9 (including) 1.5.0-update_9 (including)
Jre Sun 1.6.0-update_1 (including) 1.6.0-update_1 (including)
Jre Sun 1.6.0-update_10 (including) 1.6.0-update_10 (including)
Jre Sun 1.6.0-update_11 (including) 1.6.0-update_11 (including)
Jre Sun 1.6.0-update_12 (including) 1.6.0-update_12 (including)
Jre Sun 1.6.0-update_13 (including) 1.6.0-update_13 (including)
Jre Sun 1.6.0-update_14 (including) 1.6.0-update_14 (including)
Jre Sun 1.6.0-update_15 (including) 1.6.0-update_15 (including)
Jre Sun 1.6.0-update_2 (including) 1.6.0-update_2 (including)
Jre Sun 1.6.0-update_3 (including) 1.6.0-update_3 (including)
Jre Sun 1.6.0-update_4 (including) 1.6.0-update_4 (including)
Jre Sun 1.6.0-update_5 (including) 1.6.0-update_5 (including)
Jre Sun 1.6.0-update_6 (including) 1.6.0-update_6 (including)
Jre Sun 1.6.0-update_7 (including) 1.6.0-update_7 (including)
Jre Sun 1.6.0-update_8 (including) 1.6.0-update_8 (including)
Jre Sun 1.6.0-update_9 (including) 1.6.0-update_9 (including)
Jre Sun 1.6.0_0 (including) 1.6.0_0 (including)
Jre Sun 1.6.0_10 (including) 1.6.0_10 (including)
Openjdk-6 Ubuntu hardy *
Openjdk-6 Ubuntu intrepid *
Openjdk-6 Ubuntu jaunty *
Openjdk-6 Ubuntu karmic *
Openjdk-6 Ubuntu upstream *
Sun-java5 Ubuntu dapper *
Sun-java5 Ubuntu intrepid *
Sun-java5 Ubuntu jaunty *
Sun-java5 Ubuntu upstream *
Sun-java6 Ubuntu hardy *
Sun-java6 Ubuntu intrepid *
Sun-java6 Ubuntu jaunty *
Sun-java6 Ubuntu karmic *
Sun-java6 Ubuntu lucid *
Sun-java6 Ubuntu upstream *

References