CVE-2009-0793
Title: Sun Openjdk Memory Corruption
Memory Corruption
Proof Of Concept
No public PoC currently indexed for CVE-2009-0793.
CWE Category
CWE-20
Published Date
Apr 09, 2009
Modified Date
Apr 09, 2025
Exploit Status
Not Found
Score
4.3
CVSS v2.0
Exploit Probability (EPSS)
10.61%
Vulnerability Summary
CVE-2009-0793: cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles."
Impacted Vendors
Reference Links
http://secunia.com/advisories/34623
http://secunia.com/advisories/34632
http://secunia.com/advisories/34634
http://secunia.com/advisories/34635
http://secunia.com/advisories/34675
http://secunia.com/advisories/34782
http://secunia.com/advisories/35048
http://secunia.com/advisories/42870
http://security.gentoo.org/glsa/glsa-200904-19.xml
http://www.debian.org/security/2009/dsa-1769
http://www.mandriva.com/security/advisories?name=MDVSA-2009:121
http://www.mandriva.com/security/advisories?name=MDVSA-2009:137
http://www.mandriva.com/security/advisories?name=MDVSA-2009:162
http://www.securityfocus.com/bid/34411
http://www.securityfocus.com/bid/34420
http://www.ubuntu.com/usn/USN-1043-1
http://www.vupen.com/english/advisories/2009/0963
http://www.vupen.com/english/advisories/2009/0964
http://www.vupen.com/english/advisories/2011/0087
https://bugzilla.redhat.com/show_bug.cgi?id=492353
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11340
https://rhn.redhat.com/errata/RHSA-2009-0377.html
https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00203.html
https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00204.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00233.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00285.html
http://secunia.com/advisories/34623
http://secunia.com/advisories/34632
http://secunia.com/advisories/34634
http://secunia.com/advisories/34635
http://secunia.com/advisories/34675
http://secunia.com/advisories/34782
http://secunia.com/advisories/35048
http://secunia.com/advisories/42870
http://security.gentoo.org/glsa/glsa-200904-19.xml
http://www.debian.org/security/2009/dsa-1769
http://www.mandriva.com/security/advisories?name=MDVSA-2009:121
http://www.mandriva.com/security/advisories?name=MDVSA-2009:137
http://www.mandriva.com/security/advisories?name=MDVSA-2009:162
http://www.securityfocus.com/bid/34411
http://www.securityfocus.com/bid/34420
http://www.ubuntu.com/usn/USN-1043-1
http://www.vupen.com/english/advisories/2009/0963
http://www.vupen.com/english/advisories/2009/0964
http://www.vupen.com/english/advisories/2011/0087
https://bugzilla.redhat.com/show_bug.cgi?id=492353
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11340
https://rhn.redhat.com/errata/RHSA-2009-0377.html
https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00203.html
https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00204.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00233.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00285.html
CVSS v2.0
Source Entity
[email protected]
Severity
MEDIUM
4.3
Access Vector
N/A
Authentication
N/A
RAW VECTOR
AV:N/AC:M/Au:N/C:N/I:N/A:P
Associated Attack Patterns (CAPEC)
Total: PatternsNo specific attack patterns mapped.
Likelihood
Severity
Page /
CVE-2009-0793 Exploits & PoCs (Proof Of Concept)
No public PoCs found in our database for this CVE.
MODIFIED
Vulnerability data or affected products updated.
PUBLISHED
Vulnerability first announced in NVD.
Attack Vector Matrix
Access Vector
N/A
Complexity
N/A
Privileges
N/A
Interaction
NONE
CVSS Vector String
AV:N/AC:M/Au:N/C:N/I:N/A:P
Affected Stack
No specific products linked.