Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2009-3886

EPSS 0.45% · P64
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2009-3886

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The Java Web Start implementation in Sun Java SE 6 before Update 17 does not properly handle the interaction between a signed JAR file and a JNLP (1) application or (2) applet, which has unspecified impact and attack vectors, related to a "regression," aka Bug Id 6870531.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Sun Java SE "Java Web Start"应用未明安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Solaris系统的Java运行时环境(JRE)为JAVA应用程序提供可靠的运行环境。 Sun Java SE "Java Web Start"应用存在未明安全漏洞,Java Web Start没有正确处理签名JAR文件和JNLP(1) application或(2) applet之间的交互作用,可能产生未明影响和攻击向量。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2009-3886

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2009-3886

登录查看更多情报信息。

Same Patch Batch · n/a · 2009-11-09 · 24 CVEs total

CVE-2009-3911TFTgallery 'settings.php' 跨站脚本攻击漏洞
CVE-2009-3922Drupal User Protect 跨站请求伪造漏洞
CVE-2009-3921Drupal Smartqueue OG模块安全许可和信息泄露漏洞
CVE-2009-3920Drupal NGP COO/CWP Integration模块访问控制和信息泄露漏洞
CVE-2009-3919Drupal NGP COO/CWP Integration模块安全绕过和HTML注入漏洞
CVE-2009-3918Drupal Zoomify模块HTML注入漏洞
CVE-2009-3917Drupal S5 Presentation Player模块HTML注入漏洞
CVE-2009-3916Drupal Node Hierarchy模块跨站脚本漏洞
CVE-2009-3915Drupal Link模块跨站脚本攻击漏洞
CVE-2009-3914Drupal Temporary Invitation模块跨站脚本漏洞
CVE-2009-3913Xerox Fiery WebTools 'summary.php' SQL注入漏洞
CVE-2009-3912TFTgallery 'index.php' 目录遍历漏洞
CVE-2009-3726Linux kernel 资源管理错误漏洞
CVE-2009-3555Apache HTTP Server 信任管理问题漏洞
CVE-2009-3885Sun Java SE "BMP"方法 拒绝服务攻击漏洞
CVE-2009-3884Sun Java SE和OpenJDK 方法"TimeZone.getTimeZone" 信息泄露漏洞
CVE-2009-3883Sun Java SE和OpenJDK 特征"PL&F" 多个未明安全漏洞
CVE-2009-3882Sun Java SE和OpenJDK 应用"Swing" 多个未明安全漏洞
CVE-2009-3881Sun Java SE和OpenJDK "ClassLoader" 权限获得和信息泄露漏洞
CVE-2009-3880Sun Java SE和OpenJDK "Abstract Window Toolkit (AWT)" 访问控制和信息泄露漏洞

Showing top 20 of 24 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2009-3886

No comments yet

Leave a comment