CVE-2009-3852 - Unspecified vulnerability in the XML component in IBM Runtimes for Java Technology 5.0.0 before SR10

CVE-2009-3852

Summary

Unspecified vulnerability in the XML component in IBM Runtimes for Java Technology 5.0.0 before SR10 has unknown impact and attack vectors, related to the "updated version of XML4J 4.4.17."

References

http://secunia.com/advisories/37210
http://www.securityfocus.com/bid/36894
http://www.vupen.com/english/advisories/2009/3106
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ63920
https://exchange.xforce.ibmcloud.com/vulnerabilities/54069

Vulnerable Configurations

cpe:2.3:a:ibm:runtimes_for_java_technology:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:runtimes_for_java_technology:*:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 17-08-2017 - 01:31)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

aixapar	IZ63920
bid	36894
secunia	37210
vupen	ADV-2009-3106
xf	runtime-xml4j-unspecified(54069)

Last major update

17-08-2017 - 01:31

Published

03-11-2009 - 16:30

Last modified

17-08-2017 - 01:31