CVE-2009-3869 Information

Description

Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357.

Reference

http://java.sun.com/javase/6/webnotes/6u17.html
http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html
http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00010.html
http://marc.info/?l=bugtraq&m=126566824131534&w=2
http://marc.info/?l=bugtraq&m=131593453929393&w=2
http://marc.info/?l=bugtraq&m=134254866602253&w=2
http://secunia.com/advisories/37231
http://secunia.com/advisories/37239
http://secunia.com/advisories/37386
http://secunia.com/advisories/37581
http://secunia.com/advisories/37841
http://security.gentoo.org/glsa/glsa-200911-02.xml
http://securitytracker.com/id?1023132
http://sunsolve.sun.com/search/document.do?assetkey=1-66-270474-1
http://support.apple.com/kb/HT3969
http://support.apple.com/kb/HT3970
http://www.mandriva.com/security/advisories?name=MDVSA-2010:084
http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html
http://www.redhat.com/support/errata/RHSA-2009-1694.html
http://www.securityfocus.com/bid/36881
http://www.vupen.com/english/advisories/2009/3131
http://zerodayinitiative.com/advisories/ZDI-09-078/
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10741
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A11262
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A7400
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A8566
