CVSS: 9.1EPSS: 13%CPEs: 138EXPL: 0CVE-2009-2676 – JRE applet launcher vulnerability
https://notcve.org/view.php?id=CVE-2009-2676
05 Aug 2009 — Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE 5.0 Update 19 and earlier; and Java SE for Business in SDK and JRE 1.4.2_21 and earlier; allows remote attackers to create or modify arbitrary files via vectors involving an untrusted Java applet that accesses an old version of JNLPAppletLauncher. Vulnerabilidad no especificada en JNLPAppletlauncher en Sun Java SE, y SE Business, en JDK y JRE 6v Update v14 y anteriores ... • http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html •
CVSS: 9.8EPSS: 7%CPEs: 3EXPL: 0CVE-2009-1099 – OpenJDK: Type1 font processing buffer overflow vulnerability
https://notcve.org/view.php?id=CVE-2009-1099
25 Mar 2009 — Integer signedness error in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via crafted glyph descriptions in a Type1 font, which bypasses a signed comparison and triggers a buffer overflow. Un error de firma de enteros en Java SE Development Kit (JDK) y Java Runtime Environment (JRE) versiones 5.0 Update 17 y anteriores, y versiones 6 Update 12 y anteriores, permite a l... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133 • CWE-189: Numeric Errors •