Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2009-2675

Integer overflow in the unpack200 utility in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to a heap-based buffer overflow during decompression.

  • Published: Aug 5, 2009
  • Updated: Apr 13, 2023
  • CVE: CVE-2009-2675
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 10
  • AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
sun / jdk 5.0-update_12 5.0-update_12.x
sun / jdk 5.0-update_15 5.0-update_15.x
sun / jre 5.0-update_19 5.0-update_19.x
sun / jdk 5.0-update_3 5.0-update_3.x
sun / jre 5.0-update_13 5.0-update_13.x
sun / jre 5.0-update_1 5.0-update_1.x
sun / jdk 5.0-update_11 5.0-update_11.x
sun / jre 6-update_10 6-update_10.x
sun / jre - 6.x
sun / jdk 6-update_6 6-update_6.x
sun / jdk 6-update_7 6-update_7.x
sun / jdk 5.0-update_8 5.0-update_8.x
sun / jre 5.0-update_14 5.0-update_14.x
sun / jre 6-update_3 6-update_3.x
sun / jdk 6-update_11 6-update_11.x
sun / jre 6-update_4 6-update_4.x
sun / jre 5.0-update_12 5.0-update_12.x
sun / jdk 5.0-update_1 5.0-update_1.x
sun / jdk 5.0-update_17 5.0-update_17.x
sun / jdk 6-update_1 6-update_1.x
sun / jdk 6-update_3 6-update_3.x
sun / jdk 6-update_9 6-update_9.x
sun / jdk 5.0-update_5 5.0-update_5.x
sun / jre 6-update_2 6-update_2.x
sun / jre 5.0-update_4 5.0-update_4.x
sun / jre 6-update_9 6-update_9.x
sun / jdk 6-update_4 6-update_4.x
sun / jdk 6-update_12 6-update_12.x
sun / jdk - 6.x
sun / jre 5.0-update_9 5.0-update_9.x
sun / jre 5.0-update_8 5.0-update_8.x
sun / jre 5.0-update_7 5.0-update_7.x
sun / jdk 5.0-update_6 5.0-update_6.x
sun / jre 5.0-update_15 5.0-update_15.x
sun / jre 6-update_11 6-update_11.x
sun / jre 6-update_5 6-update_5.x
sun / jre 5.0-update_16 5.0-update_16.x
sun / jdk 5.0-update_14 5.0-update_14.x
sun / jdk 6-update_8 6-update_8.x
sun / jre 6-update_12 6-update_12.x
sun / jre 5.0-update_2 5.0-update_2.x
sun / jdk 6-update_2 6-update_2.x
sun / jre 6-update_7 6-update_7.x
sun / jre 6-update_8 6-update_8.x
sun / jdk 5.0-update_13 5.0-update_13.x
sun / jre 5.0-update_5 5.0-update_5.x
sun / jdk 5.0-update_16 5.0-update_16.x
sun / jre 5.0-update_6 5.0-update_6.x
sun / jre 5.0-update_11 5.0-update_11.x
sun / jre 6-update_1 6-update_1.x
sun / jdk 6-update_5 6-update_5.x
sun / jre 5.0-update_17 5.0-update_17.x
sun / jdk 5.0-update_10 5.0-update_10.x
sun / jdk 5.0-update_2 5.0-update_2.x
sun / jdk 5.0-update_4 5.0-update_4.x
sun / jdk 5.0-update_9 5.0-update_9.x
sun / jre 6-update_6 6-update_6.x
sun / jre 5.0-update_3 5.0-update_3.x
sun / jre 5.0-update_10 5.0-update_10.x
sun / jdk 5.0-update_7 5.0-update_7.x
sun / jdk 6-update_10 6-update_10.x