← Back

CVE-2009-3873

nvd nist
Published: Nov 5, 2009Modified: Apr 23, 2026

JSON object

Loading...
9.3
Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 8.6 / Impact: 10.0
Source: NVD

Description

The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a "quantization problem," aka Bug Id 6862968.

Affected (204)

Products: Sun: Sdk, Jre, Jdk
Sun
3 products
Sdk
Jre
Jdk
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdk
Version 1.4.2_01
Running on/withPlatform Versions
Sun
Solaris
All versions
Configuration C
69 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sun
Jre
Version 1.3.1_01
Jre
Version 1.3.1_01a
Jre
Version 1.3.1_02
Jre
Version 1.3.1_03
Jre
Version 1.3.1_04
Jre
Version 1.3.1_05
Jre
Version 1.3.1_06
Jre
Version 1.3.1_07
Jre
Version 1.3.1_08
Jre
Version 1.3.1_09
Jre
Version 1.3.1_10
Jre
Version 1.3.1_11
Jre
Version 1.3.1_12
Jre
Version 1.3.1_13
Jre
Version 1.3.1_14
Jre
Version 1.3.1_15
Jre
Version 1.3.1_16
Jre
Version 1.3.1_17
Jre
Version 1.3.1_18
Jre
Version 1.3.1_19
Jre
Version 1.3.1_1
Jre
Version 1.3.1_20
Jre
Version 1.3.1_21
Jre
Version 1.3.1_22
Jre
Version 1.3.1_23
Jre
Version 1.3.1_24
Jre
Version 1.3.1_25
Jre
Version 1.3.1_2
Jre
Version 1.3.1_3
Jre
Version 1.3.1_4
Jre
Version 1.3.1_5
Jre
Version 1.3.1_6
Jre
Version 1.3.1_7
Jre
Version 1.3.1_8
Jre
Version 1.3.1_9
Sun
Sdk
Version 1.3.1_01
Sdk
Version 1.3.1_01a
Sdk
Version 1.3.1_02
Sdk
Version 1.3.1_03
Sdk
Version 1.3.1_04
Sdk
Version 1.3.1_05
Sdk
Version 1.3.1_06
Sdk
Version 1.3.1_07
Sdk
Version 1.3.1_08
Sdk
Version 1.3.1_09
Sdk
Version 1.3.1_10
Sdk
Version 1.3.1_11
Sdk
Version 1.3.1_12
Sdk
Version 1.3.1_13
Sdk
Version 1.3.1_14
Sdk
Version 1.3.1_15
Sdk
Version 1.3.1_16
Sdk
Version 1.3.1_17
Sdk
Version 1.3.1_18
Sdk
Version 1.3.1_19
Sdk
Version 1.3.1_20
Sdk
Version 1.3.1_21
Sdk
Version 1.3.1_22
Sdk
Version 1.3.1_23
Sdk
Version 1.3.1_24
Sdk
Version 1.3.1_25
Sdk
Version 1.3.1_2
Sdk
Version 1.3.1_3
Sdk
Version 1.3.1_4
Sdk
Version 1.3.1_5
Sdk
Version 1.3.1_6
Sdk
Version 1.3.1_7
Sdk
Version 1.3.1_8
Sdk
Version 1.3.1_9
Running on/withPlatform Versions
Microsoft
Windows
All versions
Configuration D
134 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sun
Jdk
Version 1.5.0 update_10
Jdk
Version 1.5.0 update_11
Jdk
Version 1.5.0 update_12
Jdk
Version 1.5.0 update_13
Jdk
Version 1.5.0 update_14
Jdk
Version 1.5.0 update_15
Jdk
Version 1.5.0 update_16
Jdk
Version 1.5.0 update_17
Jdk
Version 1.5.0 update_18
Jdk
Version 1.5.0 update_19
Jdk
Version 1.5.0 update_1
Jdk
Version 1.5.0 update_20
Jdk
Version 1.5.0 update_21
Jdk
Version 1.5.0 update_2
Jdk
Version 1.5.0 update_3
Jdk
Version 1.5.0 update_4
Jdk
Version 1.5.0 update_5
Jdk
Version 1.5.0 update_6
Jdk
Version 1.5.0 update_7
Jdk
Version 1.5.0 update_8
Jdk
Version 1.5.0 update_9
Jdk
Version 1.6.0 update2
Jdk
Version 1.6.0 update_10
Jdk
Version 1.6.0 update_11
Jdk
Version 1.6.0 update_12
Jdk
Version 1.6.0 update_13
Jdk
Version 1.6.0 update_14
Jdk
Version 1.6.0 update_15
Jdk
Version 1.6.0 update_16
Jdk
Version 1.6.0 update_1
Jdk
Version 1.6.0 update_3
Jdk
Version 1.6.0 update_4
Jdk
Version 1.6.0 update_5
Jdk
Version 1.6.0 update_6
Jdk
Version 1.6.0 update_7
Jdk
Version 1.6.0 update_8
Jdk
Version 1.6.0 update_9
Sun
Jre
Version 1.4.2_01
Jre
Version 1.4.2_02
Jre
Version 1.4.2_03
Jre
Version 1.4.2_04
Jre
Version 1.4.2_05
Jre
Version 1.4.2_06
Jre
Version 1.4.2_07
Jre
Version 1.4.2_08
Jre
Version 1.4.2_09
Jre
Version 1.4.2_10
Jre
Version 1.4.2_11
Jre
Version 1.4.2_12
Jre
Version 1.4.2_13
Jre
Version 1.4.2_14
Jre
Version 1.4.2_15
Jre
Version 1.4.2_16
Jre
Version 1.4.2_17
Jre
Version 1.4.2_18
Jre
Version 1.4.2_19
Jre
Version 1.4.2_1
Jre
Version 1.4.2_20
Jre
Version 1.4.2_21
Jre
Version 1.4.2_22
Jre
Version 1.4.2_2
Jre
Version 1.4.2_3
Jre
Version 1.4.2_4
Jre
Version 1.4.2_5
Jre
Version 1.4.2_6
Jre
Version 1.4.2_7
Jre
Version 1.4.2_8
Jre
Version 1.4.2_9
Jre
Version 1.5.0 update_11
Jre
Version 1.5.0 update_12
Jre
Version 1.5.0 update_13
Jre
Version 1.5.0 update_14
Jre
Version 1.5.0 update_15
Jre
Version 1.5.0 update_16
Jre
Version 1.5.0 update_17
Jre
Version 1.5.0 update_18
Jre
Version 1.5.0 update_19
Jre
Version 1.5.0 update_1
Jre
Version 1.5.0 update_20
Jre
Version 1.5.0 update_21
Jre
Version 1.5.0 update_2
Jre
Version 1.5.0 update_3
Jre
Version 1.5.0 update_4
Jre
Version 1.5.0 update_5
Jre
Version 1.5.0 update_6
Jre
Version 1.5.0 update_7
Jre
Version 1.5.0 update_8
Jre
Version 1.5.0 update_9
Jre
Version 1.6.0 update_10
Jre
Version 1.6.0 update_11
Jre
Version 1.6.0 update_12
Jre
Version 1.6.0 update_13
Jre
Version 1.6.0 update_14
Jre
Version 1.6.0 update_15
Jre
Version 1.6.0 update_16
Jre
Version 1.6.0 update_1
Jre
Version 1.6.0 update_2
Jre
Version 1.6.0 update_3
Jre
Version 1.6.0 update_4
Jre
Version 1.6.0 update_5
Jre
Version 1.6.0 update_6
Jre
Version 1.6.0 update_7
Jre
Version 1.6.0 update_8
Jre
Version 1.6.0 update_9
Sun
Sdk
Version 1.4.2_02
Sdk
Version 1.4.2_03
Sdk
Version 1.4.2_04
Sdk
Version 1.4.2_05
Sdk
Version 1.4.2_06
Sdk
Version 1.4.2_07
Sdk
Version 1.4.2_08
Sdk
Version 1.4.2_09
Sdk
Version 1.4.2_10
Sdk
Version 1.4.2_11
Sdk
Version 1.4.2_12
Sdk
Version 1.4.2_13
Sdk
Version 1.4.2_14
Sdk
Version 1.4.2_15
Sdk
Version 1.4.2_16
Sdk
Version 1.4.2_17
Sdk
Version 1.4.2_18
Sdk
Version 1.4.2_19
Sdk
Version 1.4.2_1
Sdk
Version 1.4.2_20
Sdk
Version 1.4.2_21
Sdk
Version 1.4.2_22
Sdk
Version 1.4.2_2
Sdk
Version 1.4.2_3
Sdk
Version 1.4.2_4
Sdk
Version 1.4.2_5
Sdk
Version 1.4.2_6
Sdk
Version 1.4.2_7
Sdk
Version 1.4.2_8
Sdk
Version 1.4.2_9
Running on/withPlatform Versions
Sun
Java Se
All versions

Related CWEs

CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (52)

Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.