Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2009-1101

Unspecified vulnerability in the lightweight HTTP server implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allows remote attackers to cause a denial of service (probably resource consumption) for a JAX-WS service endpoint via a connection without any data, which triggers a file descriptor "leak."

  • Published: Mar 26, 2009
  • Updated: Apr 13, 2023
  • CVE: CVE-2009-1101
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Software From Fixed in
sun / jdk 1.6.0-update_4 1.6.0-update_4.x
sun / jre 1.6.0-update_3 1.6.0-update_3.x
sun / jre 1.6.0-update_5 1.6.0-update_5.x
sun / jdk 1.6.0-update_7 1.6.0-update_7.x
sun / jre 1.6.0-update_1 1.6.0-update_1.x
sun / jre 1.6.0-update_2 1.6.0-update_2.x
sun / jdk 1.6.0-update_3 1.6.0-update_3.x
sun / jdk 1.6.0-update_11 1.6.0-update_11.x
sun / jdk 1.6.0-update_10 1.6.0-update_10.x
sun / jre 1.6.0-update_6 1.6.0-update_6.x
sun / jdk 1.6.0 1.6.0.x
sun / jre 1.6.0 1.6.0.x
sun / jdk 1.6.0-update_5 1.6.0-update_5.x
sun / jdk 1.6.0-update2 1.6.0-update2.x
sun / jre 1.6.0-update_10 1.6.0-update_10.x
sun / jdk - 1.6.0.x
sun / jdk 1.6.0-update1_b06 1.6.0-update1_b06.x
sun / jdk 1.6.0-update1 1.6.0-update1.x
sun / jre - 1.6.0.x
sun / jre 1.6.0-update_7 1.6.0-update_7.x
sun / jre 1.6.0-update_4 1.6.0-update_4.x
sun / jdk 1.6.0-update_6 1.6.0-update_6.x
sun / jre 1.6.0-update_11 1.6.0-update_11.x