CVE-2009-3869 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2009-3869 Interim 1 13 2023-04-03T01:13:04Z current 2021-05-30T12:48:59Z 2023-04-03T01:13:04Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2009-3869 Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/opensuse-security-announce/2009-11/msg00010.html E-Mail link for SUSE-SA:2009:058 https://lists.opensuse.org/opensuse-security-announce/2010-01/msg00001.html E-Mail link for SUSE-SA:2010:002 https://lists.opensuse.org/opensuse-security-announce/2010-01/msg00003.html E-Mail link for SUSE-SA:2010:003 https://lists.opensuse.org/opensuse-security-announce/2010-01/msg00004.html E-Mail link for SUSE-SA:2010:004 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server for SAP Applications 11 java-1_4_2-ibm-1.4.2_sr13.3-1.1.1 java-1_4_2-ibm-jdbc-1.4.2_sr13.3-1.1.1 java-1_4_2-ibm-plugin-1.4.2_sr13.3-1.1.1 java-1_6_0-ibm-1.6.0_sr7.0-1.1.1 java-1_6_0-ibm-alsa-1.6.0_sr7.0-1.1.1 java-1_6_0-ibm-alsa-x86-1.6.0-124.7.1 java-1_6_0-ibm-fonts-1.6.0_sr7.0-1.1.1 java-1_6_0-ibm-jdbc-1.6.0_sr7.0-1.1.1 java-1_6_0-ibm-plugin-1.6.0_sr7.0-1.1.1 java-1_6_0-ibm-x86-1.6.0-124.7.1 java-1_4_2-ibm-1.4.2_sr13.3-1.1.1 as a component of SUSE Linux Enterprise Server 11 java-1_4_2-ibm-jdbc-1.4.2_sr13.3-1.1.1 as a component of SUSE Linux Enterprise Server 11 java-1_4_2-ibm-plugin-1.4.2_sr13.3-1.1.1 as a component of SUSE Linux Enterprise Server 11 java-1_6_0-ibm-1.6.0_sr7.0-1.1.1 as a component of SUSE Linux Enterprise Server 11 java-1_6_0-ibm-alsa-1.6.0_sr7.0-1.1.1 as a component of SUSE Linux Enterprise Server 11 java-1_6_0-ibm-alsa-x86-1.6.0-124.7.1 as a component of SUSE Linux Enterprise Server 11 java-1_6_0-ibm-fonts-1.6.0_sr7.0-1.1.1 as a component of SUSE Linux Enterprise Server 11 java-1_6_0-ibm-jdbc-1.6.0_sr7.0-1.1.1 as a component of SUSE Linux Enterprise Server 11 java-1_6_0-ibm-plugin-1.6.0_sr7.0-1.1.1 as a component of SUSE Linux Enterprise Server 11 java-1_6_0-ibm-x86-1.6.0-124.7.1 as a component of SUSE Linux Enterprise Server 11 java-1_4_2-ibm-1.4.2_sr13.3-1.1.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 java-1_4_2-ibm-jdbc-1.4.2_sr13.3-1.1.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 java-1_4_2-ibm-plugin-1.4.2_sr13.3-1.1.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 java-1_6_0-ibm-1.6.0_sr7.0-1.1.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 java-1_6_0-ibm-alsa-1.6.0_sr7.0-1.1.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 java-1_6_0-ibm-alsa-x86-1.6.0-124.7.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 java-1_6_0-ibm-fonts-1.6.0_sr7.0-1.1.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 java-1_6_0-ibm-jdbc-1.6.0_sr7.0-1.1.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 java-1_6_0-ibm-plugin-1.6.0_sr7.0-1.1.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 java-1_6_0-ibm-x86-1.6.0-124.7.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357. CVE-2009-3869 SUSE Linux Enterprise Server 11:java-1_4_2-ibm-1.4.2_sr13.3-1.1.1 SUSE Linux Enterprise Server 11:java-1_4_2-ibm-jdbc-1.4.2_sr13.3-1.1.1 SUSE Linux Enterprise Server 11:java-1_4_2-ibm-plugin-1.4.2_sr13.3-1.1.1 SUSE Linux Enterprise Server 11:java-1_6_0-ibm-1.6.0_sr7.0-1.1.1 SUSE Linux Enterprise Server 11:java-1_6_0-ibm-alsa-1.6.0_sr7.0-1.1.1 SUSE Linux Enterprise Server 11:java-1_6_0-ibm-alsa-x86-1.6.0-124.7.1 SUSE Linux Enterprise Server 11:java-1_6_0-ibm-fonts-1.6.0_sr7.0-1.1.1 SUSE Linux Enterprise Server 11:java-1_6_0-ibm-jdbc-1.6.0_sr7.0-1.1.1 SUSE Linux Enterprise Server 11:java-1_6_0-ibm-plugin-1.6.0_sr7.0-1.1.1 SUSE Linux Enterprise Server 11:java-1_6_0-ibm-x86-1.6.0-124.7.1 SUSE Linux Enterprise Server for SAP Applications 11:java-1_4_2-ibm-1.4.2_sr13.3-1.1.1 SUSE Linux Enterprise Server for SAP Applications 11:java-1_4_2-ibm-jdbc-1.4.2_sr13.3-1.1.1 SUSE Linux Enterprise Server for SAP Applications 11:java-1_4_2-ibm-plugin-1.4.2_sr13.3-1.1.1 SUSE Linux Enterprise Server for SAP Applications 11:java-1_6_0-ibm-1.6.0_sr7.0-1.1.1 SUSE Linux Enterprise Server for SAP Applications 11:java-1_6_0-ibm-alsa-1.6.0_sr7.0-1.1.1 SUSE Linux Enterprise Server for SAP Applications 11:java-1_6_0-ibm-alsa-x86-1.6.0-124.7.1 SUSE Linux Enterprise Server for SAP Applications 11:java-1_6_0-ibm-fonts-1.6.0_sr7.0-1.1.1 SUSE Linux Enterprise Server for SAP Applications 11:java-1_6_0-ibm-jdbc-1.6.0_sr7.0-1.1.1 SUSE Linux Enterprise Server for SAP Applications 11:java-1_6_0-ibm-plugin-1.6.0_sr7.0-1.1.1 SUSE Linux Enterprise Server for SAP Applications 11:java-1_6_0-ibm-x86-1.6.0-124.7.1 critical 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C