CVE-2009-3876

Published: 05 November 2009

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not properly decoded by the ASN.1 DER input stream parser, aka Bug Id 6864911.

Priority

Medium

Status

Package Release Status
openjdk-6
Launchpad, Ubuntu, Debian
Upstream
Released (6b17)
sun-java5
Launchpad, Ubuntu, Debian
Upstream
Released (1.5.0-22)
sun-java6
Launchpad, Ubuntu, Debian
Upstream
Released (6.17)