NVD Vulnerability Detail

CVE-2009-1100

Summary	Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allow remote attackers to cause a denial of service (disk consumption) via vectors related to temporary font files and (1) "limits on Font creation," aka CR 6522586, and (2) another unspecified vector, aka CR 6632886.
Summary	Múltiples vulnerabilidades no especificadas en Java SE Development Kit (JDK) y Java Runtime Environment (JRE) v5.0 Update 17 y anteriores, y v6 Update 12 y anteriores, permite a atacantes remotos provocar una denegación de servicio (consumo de disco) a través de vectores relacionados con ficheros de fuentes temporales y (1) "límites en la creación de Fuentes" también conocido como CR 6522586 y (2) otro vector no especificado, también conocido como CR 6632886.
Publication Date	March 26, 2009, 8:30 a.m.
Registration Date	Jan. 29, 2021, 1:16 p.m.
Last Update	April 23, 2026, 9:35 a.m.

CVSS2.0 : MEDIUM
Score	5.0
Vector	AV:N/AC:L/Au:N/C:N/I:N/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	なし
完全性への影響(I)	なし
可用性への影響(A)	低
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:sun:jdk::update17::::::*		1.5.0
cpe:2.3:a:sun:jdk:1.5.0:::::::*
cpe:2.3:a:sun:jdk:1.5.0:update1::::::
cpe:2.3:a:sun:jdk:1.5.0:update10::::::
cpe:2.3:a:sun:jdk:1.5.0:update11::::::
cpe:2.3:a:sun:jdk:1.5.0:update11_b03::::::
cpe:2.3:a:sun:jdk:1.5.0:update12::::::
cpe:2.3:a:sun:jdk:1.5.0:update13::::::
cpe:2.3:a:sun:jdk:1.5.0:update14::::::
cpe:2.3:a:sun:jdk:1.5.0:update15::::::
cpe:2.3:a:sun:jdk:1.5.0:update16::::::
cpe:2.3:a:sun:jdk:1.5.0:update2::::::
cpe:2.3:a:sun:jdk:1.5.0:update3::::::
cpe:2.3:a:sun:jdk:1.5.0:update4::::::
cpe:2.3:a:sun:jdk:1.5.0:update5::::::
cpe:2.3:a:sun:jdk:1.5.0:update6::::::
cpe:2.3:a:sun:jdk:1.5.0:update7::::::
cpe:2.3:a:sun:jdk:1.5.0:update7_b03::::::
cpe:2.3:a:sun:jdk:1.5.0:update8::::::
cpe:2.3:a:sun:jdk:1.5.0:update9::::::
cpe:2.3:a:sun:jre::update17::::::*		1.5.0
cpe:2.3:a:sun:jre:1.5.0:::::::*
cpe:2.3:a:sun:jre:1.5.0:update1::::::
cpe:2.3:a:sun:jre:1.5.0:update10::::::
cpe:2.3:a:sun:jre:1.5.0:update11::::::
cpe:2.3:a:sun:jre:1.5.0:update12::::::
cpe:2.3:a:sun:jre:1.5.0:update13::::::
cpe:2.3:a:sun:jre:1.5.0:update14::::::
cpe:2.3:a:sun:jre:1.5.0:update15::::::
cpe:2.3:a:sun:jre:1.5.0:update16::::::
cpe:2.3:a:sun:jre:1.5.0:update2::::::
cpe:2.3:a:sun:jre:1.5.0:update3::::::
cpe:2.3:a:sun:jre:1.5.0:update4::::::
cpe:2.3:a:sun:jre:1.5.0:update5::::::
cpe:2.3:a:sun:jre:1.5.0:update6::::::
cpe:2.3:a:sun:jre:1.5.0:update7::::::
cpe:2.3:a:sun:jre:1.5.0:update8::::::
cpe:2.3:a:sun:jre:1.5.0:update9::::::
cpe:2.3:a:sun:jdk::update_12::::::*		1.6.0
cpe:2.3:a:sun:jdk:1.6.0:::::::*
cpe:2.3:a:sun:jdk:1.6.0:update_10::::::
cpe:2.3:a:sun:jdk:1.6.0:update_11::::::
cpe:2.3:a:sun:jdk:1.6.0:update_3::::::
cpe:2.3:a:sun:jdk:1.6.0:update_4::::::
cpe:2.3:a:sun:jdk:1.6.0:update_5::::::
cpe:2.3:a:sun:jdk:1.6.0:update_6::::::
cpe:2.3:a:sun:jdk:1.6.0:update_7::::::
cpe:2.3:a:sun:jdk:1.6.0:update1::::::
cpe:2.3:a:sun:jdk:1.6.0:update1_b06::::::
cpe:2.3:a:sun:jdk:1.6.0:update2::::::
cpe:2.3:a:sun:jre::update_12::::::*		1.6.0
cpe:2.3:a:sun:jre:1.6.0:::::::*
cpe:2.3:a:sun:jre:1.6.0:update_1::::::
cpe:2.3:a:sun:jre:1.6.0:update_10::::::
cpe:2.3:a:sun:jre:1.6.0:update_11::::::
cpe:2.3:a:sun:jre:1.6.0:update_2::::::
cpe:2.3:a:sun:jre:1.6.0:update_3::::::
cpe:2.3:a:sun:jre:1.6.0:update_4::::::
cpe:2.3:a:sun:jre:1.6.0:update_5::::::
cpe:2.3:a:sun:jre:1.6.0:update_6::::::
cpe:2.3:a:sun:jre:1.6.0:update_7::::::

Related information, measures and tools

No	URL	refsource
1	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133	cve@mitre.org
2	http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html	cve@mitre.org
3	http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00003.html	cve@mitre.org
4	http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html	cve@mitre.org
5	http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html	cve@mitre.org
6	http://marc.info/?l=bugtraq&m=124344236532162&w=2	cve@mitre.org
7	http://secunia.com/advisories/34489	cve@mitre.org
8	http://secunia.com/advisories/34495	cve@mitre.org
9	http://secunia.com/advisories/34496	cve@mitre.org
10	http://secunia.com/advisories/35156	cve@mitre.org
11	http://secunia.com/advisories/35223	cve@mitre.org
12	http://secunia.com/advisories/35255	cve@mitre.org
13	http://secunia.com/advisories/35416	cve@mitre.org
14	http://secunia.com/advisories/35776	cve@mitre.org
15	http://secunia.com/advisories/36185	cve@mitre.org
16	http://secunia.com/advisories/37386	cve@mitre.org
17	http://secunia.com/advisories/37460	cve@mitre.org
18	http://security.gentoo.org/glsa/glsa-200911-02.xml	cve@mitre.org
19	http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-19-1	cve@mitre.org
20	http://sunsolve.sun.com/search/document.do?assetkey=1-66-254608-1	cve@mitre.org
21	http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm	cve@mitre.org
22	http://support.avaya.com/elmodocs2/security/ASA-2009-109.htm	cve@mitre.org
23	http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html	cve@mitre.org
24	http://www.redhat.com/support/errata/RHSA-2009-0392.html	cve@mitre.org
25	http://www.redhat.com/support/errata/RHSA-2009-0394.html	cve@mitre.org
26	http://www.redhat.com/support/errata/RHSA-2009-1038.html	cve@mitre.org
27	http://www.securityfocus.com/archive/1/507985/100/0/threaded	cve@mitre.org
28	http://www.securityfocus.com/bid/34240	cve@mitre.org
29	http://www.securitytracker.com/id?1021917	cve@mitre.org
30	http://www.ubuntu.com/usn/usn-748-1	cve@mitre.org
31	http://www.vmware.com/security/advisories/VMSA-2009-0016.html	cve@mitre.org
32	http://www.vupen.com/english/advisories/2009/1426	cve@mitre.org
33	http://www.vupen.com/english/advisories/2009/3316	cve@mitre.org
34	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6224	cve@mitre.org
35	https://rhn.redhat.com/errata/RHSA-2009-1198.html	cve@mitre.org
36	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133	af854a3a-2127-422b-91ae-364da2661108
37	http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html	af854a3a-2127-422b-91ae-364da2661108
38	http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00003.html	af854a3a-2127-422b-91ae-364da2661108
39	http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html	af854a3a-2127-422b-91ae-364da2661108
40	http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html	af854a3a-2127-422b-91ae-364da2661108
41	http://marc.info/?l=bugtraq&m=124344236532162&w=2	af854a3a-2127-422b-91ae-364da2661108
42	http://secunia.com/advisories/34489	af854a3a-2127-422b-91ae-364da2661108
43	http://secunia.com/advisories/34495	af854a3a-2127-422b-91ae-364da2661108
44	http://secunia.com/advisories/34496	af854a3a-2127-422b-91ae-364da2661108
45	http://secunia.com/advisories/35156	af854a3a-2127-422b-91ae-364da2661108
46	http://secunia.com/advisories/35223	af854a3a-2127-422b-91ae-364da2661108
47	http://secunia.com/advisories/35255	af854a3a-2127-422b-91ae-364da2661108
48	http://secunia.com/advisories/35416	af854a3a-2127-422b-91ae-364da2661108
49	http://secunia.com/advisories/35776	af854a3a-2127-422b-91ae-364da2661108
50	http://secunia.com/advisories/36185	af854a3a-2127-422b-91ae-364da2661108
51	http://secunia.com/advisories/37386	af854a3a-2127-422b-91ae-364da2661108
52	http://secunia.com/advisories/37460	af854a3a-2127-422b-91ae-364da2661108
53	http://security.gentoo.org/glsa/glsa-200911-02.xml	af854a3a-2127-422b-91ae-364da2661108
54	http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-19-1	af854a3a-2127-422b-91ae-364da2661108
55	http://sunsolve.sun.com/search/document.do?assetkey=1-66-254608-1	af854a3a-2127-422b-91ae-364da2661108
56	http://support.avaya.com/elmodocs2/security/ASA-2009-108.htm	af854a3a-2127-422b-91ae-364da2661108
57	http://support.avaya.com/elmodocs2/security/ASA-2009-109.htm	af854a3a-2127-422b-91ae-364da2661108
58	http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html	af854a3a-2127-422b-91ae-364da2661108
59	http://www.redhat.com/support/errata/RHSA-2009-0392.html	af854a3a-2127-422b-91ae-364da2661108
60	http://www.redhat.com/support/errata/RHSA-2009-0394.html	af854a3a-2127-422b-91ae-364da2661108
61	http://www.redhat.com/support/errata/RHSA-2009-1038.html	af854a3a-2127-422b-91ae-364da2661108
62	http://www.securityfocus.com/archive/1/507985/100/0/threaded	af854a3a-2127-422b-91ae-364da2661108
63	http://www.securityfocus.com/bid/34240	af854a3a-2127-422b-91ae-364da2661108
64	http://www.securitytracker.com/id?1021917	af854a3a-2127-422b-91ae-364da2661108
65	http://www.ubuntu.com/usn/usn-748-1	af854a3a-2127-422b-91ae-364da2661108
66	http://www.vmware.com/security/advisories/VMSA-2009-0016.html	af854a3a-2127-422b-91ae-364da2661108
67	http://www.vupen.com/english/advisories/2009/1426	af854a3a-2127-422b-91ae-364da2661108
68	http://www.vupen.com/english/advisories/2009/3316	af854a3a-2127-422b-91ae-364da2661108
69	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6224	af854a3a-2127-422b-91ae-364da2661108
70	https://rhn.redhat.com/errata/RHSA-2009-1198.html	af854a3a-2127-422b-91ae-364da2661108

Common Vulnerabilities List

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:sun:jdk::update17::::::*		1.5.0
cpe:2.3:a:sun:jdk:1.5.0:::::::*
cpe:2.3:a:sun:jdk:1.5.0:update1::::::
cpe:2.3:a:sun:jdk:1.5.0:update10::::::
cpe:2.3:a:sun:jdk:1.5.0:update11::::::
cpe:2.3:a:sun:jdk:1.5.0:update11_b03::::::
cpe:2.3:a:sun:jdk:1.5.0:update12::::::
cpe:2.3:a:sun:jdk:1.5.0:update13::::::
cpe:2.3:a:sun:jdk:1.5.0:update14::::::
cpe:2.3:a:sun:jdk:1.5.0:update15::::::
cpe:2.3:a:sun:jdk:1.5.0:update16::::::
cpe:2.3:a:sun:jdk:1.5.0:update2::::::
cpe:2.3:a:sun:jdk:1.5.0:update3::::::
cpe:2.3:a:sun:jdk:1.5.0:update4::::::
cpe:2.3:a:sun:jdk:1.5.0:update5::::::
cpe:2.3:a:sun:jdk:1.5.0:update6::::::
cpe:2.3:a:sun:jdk:1.5.0:update7::::::
cpe:2.3:a:sun:jdk:1.5.0:update7_b03::::::
cpe:2.3:a:sun:jdk:1.5.0:update8::::::
cpe:2.3:a:sun:jdk:1.5.0:update9::::::
cpe:2.3:a:sun:jre::update17::::::*		1.5.0
cpe:2.3:a:sun:jre:1.5.0:::::::*
cpe:2.3:a:sun:jre:1.5.0:update1::::::
cpe:2.3:a:sun:jre:1.5.0:update10::::::
cpe:2.3:a:sun:jre:1.5.0:update11::::::
cpe:2.3:a:sun:jre:1.5.0:update12::::::
cpe:2.3:a:sun:jre:1.5.0:update13::::::
cpe:2.3:a:sun:jre:1.5.0:update14::::::
cpe:2.3:a:sun:jre:1.5.0:update15::::::
cpe:2.3:a:sun:jre:1.5.0:update16::::::
cpe:2.3:a:sun:jre:1.5.0:update2::::::
cpe:2.3:a:sun:jre:1.5.0:update3::::::
cpe:2.3:a:sun:jre:1.5.0:update4::::::
cpe:2.3:a:sun:jre:1.5.0:update5::::::
cpe:2.3:a:sun:jre:1.5.0:update6::::::
cpe:2.3:a:sun:jre:1.5.0:update7::::::
cpe:2.3:a:sun:jre:1.5.0:update8::::::
cpe:2.3:a:sun:jre:1.5.0:update9::::::
cpe:2.3:a:sun:jdk::update_12::::::*		1.6.0
cpe:2.3:a:sun:jdk:1.6.0:::::::*
cpe:2.3:a:sun:jdk:1.6.0:update_10::::::
cpe:2.3:a:sun:jdk:1.6.0:update_11::::::
cpe:2.3:a:sun:jdk:1.6.0:update_3::::::
cpe:2.3:a:sun:jdk:1.6.0:update_4::::::
cpe:2.3:a:sun:jdk:1.6.0:update_5::::::
cpe:2.3:a:sun:jdk:1.6.0:update_6::::::
cpe:2.3:a:sun:jdk:1.6.0:update_7::::::
cpe:2.3:a:sun:jdk:1.6.0:update1::::::
cpe:2.3:a:sun:jdk:1.6.0:update1_b06::::::
cpe:2.3:a:sun:jdk:1.6.0:update2::::::
cpe:2.3:a:sun:jre::update_12::::::*		1.6.0
cpe:2.3:a:sun:jre:1.6.0:::::::*
cpe:2.3:a:sun:jre:1.6.0:update_1::::::
cpe:2.3:a:sun:jre:1.6.0:update_10::::::
cpe:2.3:a:sun:jre:1.6.0:update_11::::::
cpe:2.3:a:sun:jre:1.6.0:update_2::::::
cpe:2.3:a:sun:jre:1.6.0:update_3::::::
cpe:2.3:a:sun:jre:1.6.0:update_4::::::
cpe:2.3:a:sun:jre:1.6.0:update_5::::::
cpe:2.3:a:sun:jre:1.6.0:update_6::::::
cpe:2.3:a:sun:jre:1.6.0:update_7::::::