fkie_nvd - fkie_cve-2009-3729

fkie_cve-2009-3729

Vulnerability from fkie_nvd

Published

2009-11-09 19:30

Modified

2025-04-09 00:30

Severity ?

Summary

Unspecified vulnerability in the TrueType font parsing functionality in Sun Java SE 5.0 before Update 22 and 6 before Update 17 allows remote attackers to cause a denial of service (application crash) via a certain test suite, aka Bug Id 6815780.

References

URL	Tags
secalert@redhat.com	http://java.sun.com/j2se/1.5.0/ReleaseNotes.html	Vendor Advisory
secalert@redhat.com	http://java.sun.com/javase/6/webnotes/6u17.html	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/37386
secalert@redhat.com	http://security.gentoo.org/glsa/glsa-200911-02.xml
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=532904
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7537
af854a3a-2127-422b-91ae-364da2661108	http://java.sun.com/j2se/1.5.0/ReleaseNotes.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://java.sun.com/javase/6/webnotes/6u17.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/37386
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200911-02.xml
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=532904
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7537

Impacted products

Vendor	Product	Version
sun	jre	*
sun	jre	*
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:jre:*:update_21:*:*:*:*:*:*",
              "matchCriteriaId": "349EC26C-D1B9-44E4-A58E-E05326B7EC7D",
              "versionEndIncluding": "1.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:*:update_16:*:*:*:*:*:*",
              "matchCriteriaId": "64DE1804-F822-4D0D-82A3-3B9DE1F3B0D2",
              "versionEndIncluding": "1.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "14E6127E-A40D-437D-B57B-0D7F57D08559",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update_11:*:*:*:*:*:*",
              "matchCriteriaId": "28AE4411-45D1-4978-BA61-334AD04FF8FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update_12:*:*:*:*:*:*",
              "matchCriteriaId": "479EB097-495A-4730-AF51-F2C0064EBA6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update_13:*:*:*:*:*:*",
              "matchCriteriaId": "9B3E7C12-8D97-42CC-9B2B-A0AE3267DE69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update_14:*:*:*:*:*:*",
              "matchCriteriaId": "5024BE9F-CE32-4099-A646-F3EC5DB6F63C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update_15:*:*:*:*:*:*",
              "matchCriteriaId": "DA9FB72A-C55F-4878-89D5-375FDA08163B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update_16:*:*:*:*:*:*",
              "matchCriteriaId": "1CBC2A9C-9F21-4509-BA72-28B5DB16E55D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update_17:*:*:*:*:*:*",
              "matchCriteriaId": "485F5ED3-062D-4A8E-AA34-9DC95D0D9646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update_18:*:*:*:*:*:*",
              "matchCriteriaId": "124364C5-0616-4C7A-A78F-08FABAA785CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update_19:*:*:*:*:*:*",
              "matchCriteriaId": "A6BFFF1E-20D6-4508-9842-E7AB35F12B1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "DB7307A5-6F20-44FD-9D09-8FB76E444500",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update_20:*:*:*:*:*:*",
              "matchCriteriaId": "2E7F3992-0C15-4371-BE14-0D2046B3976E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update_3:*:*:*:*:*:*",
              "matchCriteriaId": "0E45DE8A-477B-4BF7-893B-D11DDEE82E82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update_4:*:*:*:*:*:*",
              "matchCriteriaId": "D107CE0B-2EF2-4CF0-869E-3E27CBCA4997",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update_5:*:*:*:*:*:*",
              "matchCriteriaId": "81DABB45-F39C-4BF4-8F2B-0CEE60A44C00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update_6:*:*:*:*:*:*",
              "matchCriteriaId": "CDDBD68A-771C-44FD-96A3-3AE189DE2591",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update_7:*:*:*:*:*:*",
              "matchCriteriaId": "8FBD21F3-AC92-4154-948E-509FB8E097F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update_8:*:*:*:*:*:*",
              "matchCriteriaId": "D91F9E0C-0A76-4DBC-A4E5-74E6682A5765",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update_9:*:*:*:*:*:*",
              "matchCriteriaId": "86F7EF21-5395-4F1F-A15D-A1C7EDBFAB2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
              "matchCriteriaId": "A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "09027C19-D442-446F-B7A8-21DB6787CF43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
              "matchCriteriaId": "0A0FEC28-0707-4F42-9740-78F3D2D551EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
              "matchCriteriaId": "C3C5879A-A608-4230-9DC1-C27F0F48A13B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
              "matchCriteriaId": "0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
              "matchCriteriaId": "2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
              "matchCriteriaId": "12A3B254-8580-45DB-BDE4-5B5A29CBFFB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
              "matchCriteriaId": "1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "7158D2C0-E9AC-4CD6-B777-EA7B7A181997",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
              "matchCriteriaId": "90EC6C13-4B37-48E5-8199-A702A944D5A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
              "matchCriteriaId": "2528152C-E20A-4D97-931C-A5EC3CEAA06D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
              "matchCriteriaId": "A99DAB4C-272B-4C91-BC70-7729E1152590",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
              "matchCriteriaId": "30DFC10A-A4D9-4F89-B17C-AB9260087D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
              "matchCriteriaId": "272A5C44-18EC-41A9-8233-E9D4D0734EA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_8:*:*:*:*:*:*",
              "matchCriteriaId": "3DA21490-E253-4BDC-9BA8-5D068BE35189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*",
              "matchCriteriaId": "81C2C04D-D4BA-4C87-9609-C53AA63BFF19",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the TrueType font parsing functionality in Sun Java SE 5.0 before Update 22 and 6 before Update 17 allows remote attackers to cause a denial of service (application crash) via a certain test suite, aka Bug Id 6815780."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en la funcionalidad de an\u00e1lisis sint\u00e1ctico de fuentes TrueType en Sun Java SE v5.0 anteriores a Update 22 y 6 anteriores a Update 17 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de cierto programa de chequeo, tambi\u00e9n conocido como Bug Id 6815780.\r\n"
    }
  ],
  "id": "CVE-2009-3729",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-11-09T19:30:00.437",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/37386"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=532904"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7537"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://java.sun.com/javase/6/webnotes/6u17.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37386"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=532904"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7537"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2009-3729 (GCVE-0-2009-3729)

Vulnerability from cvelistv5

Published

2009-11-09 19:00