Search for vulnerabilities
Vulnerability details: VCID-pgtg-mank-aaak
Vulnerability ID VCID-pgtg-mank-aaak
Aliases CVE-2009-2625
GHSA-334p-wv2m-w3vp
Summary Denial of service in Apache Xerces2
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-264 Permissions, Privileges, and Access Controls
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
generic_textual MODERATE http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html
generic_textual MODERATE http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
generic_textual MODERATE http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
generic_textual MODERATE http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html
generic_textual MODERATE http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
generic_textual MODERATE http://marc.info/?l=bugtraq&m=125787273209737&w=2
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2012-1232.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2012-1537.html
rhas Critical https://access.redhat.com/errata/RHSA-2009:1199
rhas Critical https://access.redhat.com/errata/RHSA-2009:1200
rhas Important https://access.redhat.com/errata/RHSA-2009:1201
rhas Critical https://access.redhat.com/errata/RHSA-2009:1236
rhas Moderate https://access.redhat.com/errata/RHSA-2009:1505
rhas Moderate https://access.redhat.com/errata/RHSA-2009:1551
rhas Critical https://access.redhat.com/errata/RHSA-2009:1582
rhas Moderate https://access.redhat.com/errata/RHSA-2009:1615
rhas Moderate https://access.redhat.com/errata/RHSA-2009:1636
rhas Moderate https://access.redhat.com/errata/RHSA-2009:1637
rhas Moderate https://access.redhat.com/errata/RHSA-2009:1649
rhas Moderate https://access.redhat.com/errata/RHSA-2009:1650
rhas Low https://access.redhat.com/errata/RHSA-2009:1662
rhas Low https://access.redhat.com/errata/RHSA-2010:0043
rhas Moderate https://access.redhat.com/errata/RHSA-2011:0858
rhas Moderate https://access.redhat.com/errata/RHSA-2012:0725
rhas Important https://access.redhat.com/errata/RHSA-2012:1232
rhas Moderate https://access.redhat.com/errata/RHSA-2012:1537
rhas Moderate https://access.redhat.com/errata/RHSA-2013:0763
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00326 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00416 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00416 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00416 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00416 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00416 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00416 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00416 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00416 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00416 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00416 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00416 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00416 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00416 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00432 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00432 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00432 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00432 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00432 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00432 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00432 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00432 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00432 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00432 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00481 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00552 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.00552 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.01896 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.07157 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.07157 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.07157 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.07157 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.17157 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.17157 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.17157 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.17157 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.17157 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.17157 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.17157 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.17157 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.17157 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.17157 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.17157 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
epss 0.17157 https://api.first.org/data/v1/epss?cve=CVE-2009-2625
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=512921
generic_textual MODERATE http://secunia.com/advisories/36162
generic_textual MODERATE http://secunia.com/advisories/36176
generic_textual MODERATE http://secunia.com/advisories/36180
generic_textual MODERATE http://secunia.com/advisories/36199
generic_textual MODERATE http://secunia.com/advisories/37300
cvssv3.1 4.2 http://secunia.com/advisories/37460
generic_textual MODERATE http://secunia.com/advisories/37460
generic_textual MODERATE http://secunia.com/advisories/37671
generic_textual MODERATE http://secunia.com/advisories/37754
generic_textual MODERATE http://secunia.com/advisories/38231
generic_textual MODERATE http://secunia.com/advisories/38342
generic_textual MODERATE http://secunia.com/advisories/43300
generic_textual MODERATE http://secunia.com/advisories/50549
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-334p-wv2m-w3vp
generic_textual MODERATE https://github.com/apache/xerces2-j/commit/0bdf77af1d4fd26ec2e630fb6d12e2dfa77bc12b
generic_textual MODERATE http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.486026
cvssv3.1 7.5 https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E
generic_textual HIGH https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E
cvssv3.1 7.5 https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E
generic_textual HIGH https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2009-2625
generic_textual MODERATE https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8520
generic_textual MODERATE https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9356
generic_textual MODERATE https://rhn.redhat.com/errata/RHSA-2009-1199.html
generic_textual MODERATE https://rhn.redhat.com/errata/RHSA-2009-1200.html
generic_textual MODERATE https://rhn.redhat.com/errata/RHSA-2009-1201.html
generic_textual MODERATE https://rhn.redhat.com/errata/RHSA-2009-1636.html
generic_textual MODERATE https://rhn.redhat.com/errata/RHSA-2009-1637.html
generic_textual MODERATE https://rhn.redhat.com/errata/RHSA-2009-1649.html
generic_textual MODERATE https://rhn.redhat.com/errata/RHSA-2009-1650.html
generic_textual MODERATE https://snyk.io/vuln/SNYK-JAVA-XERCES-32014
generic_textual MODERATE http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1
generic_textual MODERATE http://sunsolve.sun.com/search/document.do?assetkey=1-66-263489-1
generic_textual MODERATE http://sunsolve.sun.com/search/document.do?assetkey=1-66-272209-1
generic_textual MODERATE http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021506.1-1
generic_textual MODERATE http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=572055&r2=787352&pathrev=787353&diff_format=h
generic_textual MODERATE https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html
generic_textual MODERATE https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html
generic_textual MODERATE http://www.cert.fi/en/reports/2009/vulnerability2009085.html
generic_textual MODERATE http://www.codenomicon.com/labs/xml
generic_textual MODERATE http://www.debian.org/security/2010/dsa-1984
generic_textual MODERATE http://www.mandriva.com/security/advisories?name=MDVSA-2009:209
generic_textual MODERATE http://www.mandriva.com/security/advisories?name=MDVSA-2011:108
generic_textual MODERATE http://www.networkworld.com/columnists/2009/080509-xml-flaw.html
generic_textual MODERATE http://www.openwall.com/lists/oss-security/2009/09/06/1
generic_textual MODERATE http://www.openwall.com/lists/oss-security/2009/10/22/9
generic_textual MODERATE http://www.openwall.com/lists/oss-security/2009/10/23/6
generic_textual MODERATE http://www.openwall.com/lists/oss-security/2009/10/26/3
generic_textual MODERATE http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html
generic_textual MODERATE http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html
generic_textual MODERATE http://www.redhat.com/support/errata/RHSA-2009-1615.html
generic_textual MODERATE http://www.redhat.com/support/errata/RHSA-2011-0858.html
cvssv3.1 4.2 http://www.securityfocus.com/archive/1/507985/100/0/threaded
generic_textual MODERATE http://www.securityfocus.com/archive/1/507985/100/0/threaded
generic_textual MODERATE http://www.securityfocus.com/bid/35958
generic_textual MODERATE http://www.securitytracker.com/id?1022680
generic_textual MODERATE http://www.ubuntu.com/usn/USN-890-1
generic_textual MODERATE http://www.us-cert.gov/cas/techalerts/TA09-294A.html
generic_textual MODERATE http://www.us-cert.gov/cas/techalerts/TA10-012A.html
cvssv3.1 4.2 http://www.vmware.com/security/advisories/VMSA-2009-0016.html
generic_textual MODERATE http://www.vmware.com/security/advisories/VMSA-2009-0016.html
generic_textual MODERATE http://www.vupen.com/english/advisories/2009/2543
cvssv3.1 4.2 http://www.vupen.com/english/advisories/2009/3316
generic_textual MODERATE http://www.vupen.com/english/advisories/2009/3316
generic_textual MODERATE http://www.vupen.com/english/advisories/2011/0359
Reference id Reference type URL
http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
http://marc.info/?l=bugtraq&m=125787273209737&w=2
http://rhn.redhat.com/errata/RHSA-2012-1232.html
http://rhn.redhat.com/errata/RHSA-2012-1537.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2625.json
https://api.first.org/data/v1/epss?cve=CVE-2009-2625
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2625
http://secunia.com/advisories/36162
http://secunia.com/advisories/36176
http://secunia.com/advisories/36180
http://secunia.com/advisories/36199
http://secunia.com/advisories/37300
http://secunia.com/advisories/37460
http://secunia.com/advisories/37671
http://secunia.com/advisories/37754
http://secunia.com/advisories/38231
http://secunia.com/advisories/38342
http://secunia.com/advisories/43300
http://secunia.com/advisories/50549
https://github.com/apache/xerces2-j/commit/0bdf77af1d4fd26ec2e630fb6d12e2dfa77bc12b
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.486026
https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E
https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8520
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9356
https://rhn.redhat.com/errata/RHSA-2009-1199.html
https://rhn.redhat.com/errata/RHSA-2009-1200.html
https://rhn.redhat.com/errata/RHSA-2009-1201.html
https://rhn.redhat.com/errata/RHSA-2009-1636.html
https://rhn.redhat.com/errata/RHSA-2009-1637.html
https://rhn.redhat.com/errata/RHSA-2009-1649.html
https://rhn.redhat.com/errata/RHSA-2009-1650.html
https://snyk.io/vuln/SNYK-JAVA-XERCES-32014
http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263489-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-272209-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021506.1-1
http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=572055&r2=787352&pathrev=787353&diff_format=h
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html
http://www.cert.fi/en/reports/2009/vulnerability2009085.html
http://www.codenomicon.com/labs/xml
http://www.codenomicon.com/labs/xml/
http://www.debian.org/security/2010/dsa-1984
http://www.mandriva.com/security/advisories?name=MDVSA-2009:209
http://www.mandriva.com/security/advisories?name=MDVSA-2011:108
http://www.networkworld.com/columnists/2009/080509-xml-flaw.html
http://www.openwall.com/lists/oss-security/2009/09/06/1
http://www.openwall.com/lists/oss-security/2009/10/22/9
http://www.openwall.com/lists/oss-security/2009/10/23/6
http://www.openwall.com/lists/oss-security/2009/10/26/3
http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html
http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html
http://www.redhat.com/support/errata/RHSA-2009-1615.html
http://www.redhat.com/support/errata/RHSA-2011-0858.html
http://www.securityfocus.com/archive/1/507985/100/0/threaded
http://www.securityfocus.com/bid/35958
http://www.securitytracker.com/id?1022680
http://www.ubuntu.com/usn/USN-890-1
http://www.us-cert.gov/cas/techalerts/TA09-294A.html
http://www.us-cert.gov/cas/techalerts/TA10-012A.html
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
http://www.vupen.com/english/advisories/2009/2543
http://www.vupen.com/english/advisories/2009/3316
http://www.vupen.com/english/advisories/2011/0359
512921 https://bugzilla.redhat.com/show_bug.cgi?id=512921
542210 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542210
cpe:2.3:a:apache:xerces2_java:2.9.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:xerces2_java:2.9.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:-:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:-:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update1:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update10:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update10:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update11:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update11:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update12:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update12:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update13:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update13:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update14:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update14:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update15:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update15:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update16:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update16:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update17:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update17:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update18:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update18:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update19:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update19:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update2:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update3:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update4:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update5:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update5:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update6:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update6:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update7:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update7:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update8:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update8:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update9:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update9:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:-:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:-:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update1:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update10:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update10:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update11:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update11:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update12:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update12:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update13:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update13:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update14:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update14:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update2:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update3:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update4:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update5:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update5:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update6:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update6:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update7:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update7:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:6.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:6.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:6.2.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:6.2.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_web_services:6.2.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_web_services:6.2.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_web_services:7.0:-:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_web_services:7.0:-:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_web_services:7.0:sp1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_web_services:7.0:sp1:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*
CVE-2009-2625 https://bugzilla.redhat.com/CVE-2009-2625
CVE-2009-2625 https://nvd.nist.gov/vuln/detail/CVE-2009-2625
GHSA-334p-wv2m-w3vp https://github.com/advisories/GHSA-334p-wv2m-w3vp
RHSA-2009:1199 https://access.redhat.com/errata/RHSA-2009:1199
RHSA-2009:1200 https://access.redhat.com/errata/RHSA-2009:1200
RHSA-2009:1201 https://access.redhat.com/errata/RHSA-2009:1201
RHSA-2009:1236 https://access.redhat.com/errata/RHSA-2009:1236
RHSA-2009:1505 https://access.redhat.com/errata/RHSA-2009:1505
RHSA-2009:1551 https://access.redhat.com/errata/RHSA-2009:1551
RHSA-2009:1582 https://access.redhat.com/errata/RHSA-2009:1582
RHSA-2009:1615 https://access.redhat.com/errata/RHSA-2009:1615
RHSA-2009:1636 https://access.redhat.com/errata/RHSA-2009:1636
RHSA-2009:1637 https://access.redhat.com/errata/RHSA-2009:1637
RHSA-2009:1649 https://access.redhat.com/errata/RHSA-2009:1649
RHSA-2009:1650 https://access.redhat.com/errata/RHSA-2009:1650
RHSA-2009:1662 https://access.redhat.com/errata/RHSA-2009:1662
RHSA-2010:0043 https://access.redhat.com/errata/RHSA-2010:0043
RHSA-2011:0858 https://access.redhat.com/errata/RHSA-2011:0858
RHSA-2012:0725 https://access.redhat.com/errata/RHSA-2012:0725
RHSA-2012:1232 https://access.redhat.com/errata/RHSA-2012:1232
RHSA-2012:1537 https://access.redhat.com/errata/RHSA-2012:1537
RHSA-2013:0763 https://access.redhat.com/errata/RHSA-2013:0763
USN-814-1 https://usn.ubuntu.com/814-1/
USN-890-1 https://usn.ubuntu.com/890-1/
No exploits are available.
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at http://secunia.com/advisories/37460
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2009-2625
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at http://www.securityfocus.com/archive/1/507985/100/0/threaded
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at http://www.vmware.com/security/advisories/VMSA-2009-0016.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at http://www.vupen.com/english/advisories/2009/3316
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.54685
EPSS Score 0.00326
Published At April 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.