Description
Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357.
Published: 2009-11-05
Score: 9.3 Critical
EPSS: 78.5% High
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Ubuntu USN Ubuntu USN USN-859-1 OpenJDK vulnerabilities
References
Link Providers
http://java.sun.com/javase/6/webnotes/6u17.html cve-icon cve-icon
http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html cve-icon cve-icon
http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00010.html cve-icon cve-icon
http://marc.info/?l=bugtraq&m=126566824131534&w=2 cve-icon cve-icon
http://marc.info/?l=bugtraq&m=131593453929393&w=2 cve-icon cve-icon
http://marc.info/?l=bugtraq&m=134254866602253&w=2 cve-icon cve-icon
http://secunia.com/advisories/37231 cve-icon cve-icon
http://secunia.com/advisories/37239 cve-icon cve-icon
http://secunia.com/advisories/37386 cve-icon cve-icon
http://secunia.com/advisories/37581 cve-icon cve-icon
http://secunia.com/advisories/37841 cve-icon cve-icon
http://security.gentoo.org/glsa/glsa-200911-02.xml cve-icon cve-icon
http://securitytracker.com/id?1023132 cve-icon cve-icon
http://sunsolve.sun.com/search/document.do?assetkey=1-66-270474-1 cve-icon cve-icon
http://support.apple.com/kb/HT3969 cve-icon cve-icon
http://support.apple.com/kb/HT3970 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDVSA-2010:084 cve-icon cve-icon
http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2009-1694.html cve-icon cve-icon
http://www.securityfocus.com/bid/36881 cve-icon cve-icon
http://www.vupen.com/english/advisories/2009/3131 cve-icon cve-icon
http://zerodayinitiative.com/advisories/ZDI-09-078/ cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2009-3869 cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10741 cve-icon cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11262 cve-icon cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7400 cve-icon cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8566 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2009-3869 cve-icon
History

No history.

Subscriptions

Microsoft Windows
Redhat Enterprise Linux Network Satellite Rhel Extras Rhel Extras Sap
Sun Java Se Jdk Jre Sdk Solaris
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-07T06:45:49.673Z

Reserved: 2009-11-05T00:00:00.000Z

Link: CVE-2009-3869

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2009-11-05T16:30:00.390

Modified: 2025-04-09T00:30:58.490

Link: CVE-2009-3869

cve-icon Redhat

Severity : Important

Publid Date: 2009-11-03T00:00:00Z

Links: CVE-2009-3869 - Bugzilla

cve-icon OpenCVE Enrichment

No data.

Weaknesses