CVE-2009-2625

CVE-2009-2625

XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.

Published Mar 28, 2017

codenomicon.com Red Hat · Bugzilla #512921

CVSS ScoreMedium

5.0

Vulnerabilities

CVE-2009-2625

Published Mar 28, 2017

codenomicon.com Red Hat · Bugzilla #512921

CVSS ScoreMedium

5.0

CVE-2009-2625 Security Details

CVE ID: CVE-2009-2625
CWE: NVD-CWE-Other
CVE Description: XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.
Published: Mar 28, 2017
CVSS Score & Severity: 5.0Medium
CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS Score: 1.044%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Affected Ecosystems: affected
Source: National Vulnerability Database
References: codenomicon.comATTACK
Red Hat · Bugzilla #512921THIRD_PARTY

CVE-2009-2625 Security Details

CVE ID: CVE-2009-2625
CWE: NVD-CWE-Other
CVE Description: XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.
Published: Mar 28, 2017
CVSS Score & Severity: 5.0Medium
CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS Score: 1.044%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Affected Ecosystems: affected
Source: National Vulnerability Database
References: codenomicon.comATTACK
Red Hat · Bugzilla #512921THIRD_PARTY

Find vulnerabilities. Fix fast with AI.

CVE-2009-2625

CVE-2009-2625 Security Details

CVE-2009-2625 Security Details