CVE-2009-1105

{"id": "CVE-2009-1105", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2009-03-25T23:30:00.453", "references": [{"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133", "source": "cve@mitre.org"}, {"url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html", "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html", "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=124344236532162&w=2", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/34496", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/35156", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/35255", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/36185", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/37386", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/37460", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/39819", "source": "cve@mitre.org"}, {"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml", "source": "cve@mitre.org"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-254611-1", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://support.apple.com/kb/HT4171", "source": "cve@mitre.org"}, {"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2009-0392.html", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2009-1038.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/34240", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1021920", "source": "cve@mitre.org"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2009/1426", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2009/3316", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2010/1191", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49458", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6642", "source": "cve@mitre.org"}, {"url": "https://rhn.redhat.com/errata/RHSA-2009-1198.html", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 allows user-assisted remote attackers to cause a trusted applet to run in an older JRE version, which can be used to exploit vulnerabilities in that older version, aka CR 6706490."}, {"lang": "es", "value": "El plug-in en Java SE Development Kit (JDK) y Java Runtime Environment (JRE) v6 Update 12, 11 y 10 permite a atacantes remotos asistidos por usuarios locales, provocar una que un applet de confianza ejecutarse en una versi\u00f3n del JRE antigua, lo que puede ser utilizado para explotar vulnerabilidades en esa versi\u00f3n antigua, tambi\u00e9n conocido como CR 6706490."}], "lastModified": "2018-10-10T19:34:13.743", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sun:java:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DDA9F90-5D16-4E04-B285-D32C362279C6"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}