CVE-2009-2205

Java for Mac OS X 10.5 - Buffer Overflow

Title source: llm
STIX 2.1

Description

Stack-based buffer overflow in the Java Web Start command launcher in Java for Mac OS X 10.5 before Update 5 allows attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.

References (3)

Core 3
Core References
Patch vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1022820
Patch, Vendor Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/2543

Scores

EPSS 0.0232
EPSS Percentile 81.5%

Details

CWE
CWE-119
Status published
Products (23)
apple/java_1.4 2 (3 CPE variants)
apple/java_1.4 < 2
apple/java_1.5 < 0
apple/java_1.6 0 (3 CPE variants)
apple/java_1.6 < 0
apple/mac_os_x 10.5
apple/mac_os_x 10.5.0
apple/mac_os_x 10.5.1
apple/mac_os_x 10.5.2 (2 CPE variants)
apple/mac_os_x 10.5.3
... and 13 more
Published Sep 09, 2009
Tracked Since Feb 18, 2026