Rapid7 Vulnerability & Exploit Database

SUSE Linux Security Vulnerability: CVE-2009-3871

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

SUSE Linux Security Vulnerability: CVE-2009-3871

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

11/05/2009

Created

07/25/2018

Added

02/17/2015

Modified

07/04/2017

Description

Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358.

Solution(s)

suse-upgrade-ibmjava2-jre
suse-upgrade-ibmjava2-sdk
suse-upgrade-ibmjava5-jre
suse-upgrade-ibmjava5-sdk
suse-upgrade-java-1_4_2-ibm
suse-upgrade-java-1_4_2-ibm-devel
suse-upgrade-java-1_4_2-ibm-jdbc
suse-upgrade-java-1_4_2-ibm-plugin
suse-upgrade-java-1_5_0-ibm
suse-upgrade-java-1_5_0-ibm-32bit
suse-upgrade-java-1_5_0-ibm-64bit
suse-upgrade-java-1_5_0-ibm-alsa-32bit
suse-upgrade-java-1_5_0-ibm-demo
suse-upgrade-java-1_5_0-ibm-devel
suse-upgrade-java-1_5_0-ibm-devel-32bit
suse-upgrade-java-1_5_0-ibm-fonts
suse-upgrade-java-1_5_0-ibm-jdbc
suse-upgrade-java-1_5_0-ibm-plugin
suse-upgrade-java-1_5_0-ibm-src
suse-upgrade-java-1_5_0-sun
suse-upgrade-java-1_5_0-sun-alsa
suse-upgrade-java-1_5_0-sun-demo
suse-upgrade-java-1_5_0-sun-devel
suse-upgrade-java-1_5_0-sun-jdbc
suse-upgrade-java-1_5_0-sun-plugin
suse-upgrade-java-1_5_0-sun-src
suse-upgrade-java-1_6_0-ibm
suse-upgrade-java-1_6_0-ibm-alsa
suse-upgrade-java-1_6_0-ibm-alsa-x86
suse-upgrade-java-1_6_0-ibm-fonts
suse-upgrade-java-1_6_0-ibm-jdbc
suse-upgrade-java-1_6_0-ibm-plugin
suse-upgrade-java-1_6_0-ibm-x86
suse-upgrade-java-1_6_0-openjdk
suse-upgrade-java-1_6_0-openjdk-demo
suse-upgrade-java-1_6_0-openjdk-devel
suse-upgrade-java-1_6_0-openjdk-javadoc
suse-upgrade-java-1_6_0-openjdk-plugin
suse-upgrade-java-1_6_0-openjdk-src
suse-upgrade-java-1_6_0-sun
suse-upgrade-java-1_6_0-sun-alsa
suse-upgrade-java-1_6_0-sun-demo
suse-upgrade-java-1_6_0-sun-devel
suse-upgrade-java-1_6_0-sun-jdbc
suse-upgrade-java-1_6_0-sun-plugin
suse-upgrade-java-1_6_0-sun-src
suse-upgrade-sap-aio-release

References

https://attackerkb.com/topics/cve-2009-3871
APPLE-SA-2009-12-03-1
APPLE-SA-2009-12-03-2
36881
CVE - 2009-3871
OVAL12134
OVAL6698
OVAL8275
OVAL9360
RHSA-2009:1694
SUSE-SA:2009:058

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

SUSE Linux Security Vulnerability: CVE-2009-3871

SUSE Linux Security Vulnerability: CVE-2009-3871

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.