Vulnerability CVE-2009-1099

Vulnerability Name:

CVE-2009-1099 (CCN-49473)

Assigned:

2009-03-23

Published:

2009-03-23

Updated:

2018-10-10

Summary:

Integer signedness error in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via crafted glyph descriptions in a Type1 font, which bypasses a signed comparison and triggers a buffer overflow.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-189

Vulnerability Consequences:

Gain Access

References:

Vulnerable Configuration:

Configuration 1:

cpe:/a:sun:java_runtime_environment:5.0:*:17:*:*:*:*:*

OR cpe:/a:sun:java_runtime_environment:6.0:*:12:*:*:*:*:*

OR cpe:/a:sun:java_se_development_kit:*:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/a:redhat:rhel_extras:5:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:rhel_extras:4:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:sun:jre:1.6.0:-:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:-:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update10:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update11:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update12:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update2:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update3:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update4:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update5:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update6:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update7:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update8:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update9:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update1:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update2:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update6:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update15:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update3:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update4:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update5:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update6:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update4:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update5:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update14:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update13:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update16:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update7:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update8:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update9:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update10:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update7:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update8:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update9:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update10:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update17:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update12:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update11:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update11:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update12:*:*:*:*:*:*

OR cpe:/a:sun:java:*:*:*:*:*:*:*:*

AND

cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*

OR cpe:/a:redhat:rhel_extras:4:*:*:*:*:*:*:*

OR cpe:/a:redhat:rhel_application_server:2:*:*:*:*:*:*:*

OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:11.0:*:*:*:*:*:*:*

OR cpe:/o:novell:suse_linux_enterprise_server:10:sp2:itanium_ia64:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20091099	V	CVE-2009-1099	2022-05-20
oval:org.mitre.oval:def:22725	P	ELSA-2009:1038: java-1.5.0-ibm security update (Critical)	2014-05-26
oval:org.mitre.oval:def:22876	P	ELSA-2009:1198: java-1.6.0-ibm security update (Critical)	2014-05-26
oval:org.mitre.oval:def:21833	P	ELSA-2009:0392: java-1.6.0-sun security update (Critical)	2014-05-26
oval:org.mitre.oval:def:22708	P	ELSA-2009:0394: java-1.5.0-sun security update (Critical)	2014-05-26
oval:org.mitre.oval:def:5726	V	Integer signedness error in Java SE Development Kit (JDK) and Java Runtime Environment (JRE)	2014-01-20
oval:com.redhat.rhsa:def:20091198	P	RHSA-2009:1198: java-1.6.0-ibm security update (Critical)	2009-08-06
oval:com.redhat.rhsa:def:20091038	P	RHSA-2009:1038: java-1.5.0-ibm security update (Critical)	2009-05-18
oval:com.redhat.rhsa:def:20090392	P	RHSA-2009:0392: java-1.6.0-sun security update (Critical)	2009-03-26
oval:com.redhat.rhsa:def:20090394	P	RHSA-2009:0394: java-1.5.0-sun security update (Critical)	2009-03-26

BACK