CVE-2009-2625
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:N/A:P
Exploitability: 10.0 / Impact: 2.9
Source: NVD
Description
XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.
Affected (56)
Products: Oracle: Jdk, Primavera P6 Enterprise Project Portfolio Management, Primavera Web Services · Fedoraproject: Fedora · Opensuse: Opensuse · +4 more
Show all products
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 10 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.0 | |
| Version 10 sp2 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.0 |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version 6.06 |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Version 6.1 | |
| Version 6.2.1 |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.9.1 |
References (126)
Source: cret@cert.org
Mailing ListThird Party Advisory
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Mailing ListThird Party Advisory
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Broken LinkPatch
Source: cret@cert.org
Broken LinkPatchVendor Advisory
Source: cret@cert.org
Broken Link
Source: cret@cert.org
PatchVendor Advisory
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Mailing ListThird Party Advisory
Source: cret@cert.org
Mailing ListPatchThird Party Advisory
Source: cret@cert.org
Mailing ListThird Party Advisory
Source: cret@cert.org
Mailing ListThird Party Advisory
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Broken Link
Source: cret@cert.org
Third Party AdvisoryVDB Entry
Source: cret@cert.org
Third Party AdvisoryUS Government Resource
Source: cret@cert.org
Third Party AdvisoryUS Government Resource
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Issue TrackingThird Party Advisory
Source: cret@cert.org
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Third Party Advisory
Source: cret@cert.org
Mailing ListThird Party Advisory
Source: cret@cert.org
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkPatch
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions Required
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions Required
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions Required
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Timeline
No history available yet.