Sun Java Runtime Environment XML Parsing Denial of Service Vulnerability

Bugtraq ID: 35958
Class: Unknown
CVE: CVE-2009-2625
Remote: Yes
Local: No
Published: Aug 03 2009 12:00AM
Updated: Apr 23 2013 09:40AM
Credit: Jukka Taimisto, Tero Rontti and Rauli Kaksonen from the CROSS project at Codenomicon Ltd, and CERT-FI
Vulnerable: VMWare vMA 4.0
VMWare VirtualCenter 2.0.2
VMWare VirtualCenter 2.5.Update 3 build 1
VMWare VirtualCenter 2.5 Update 5
VMWare VirtualCenter 2.5 Update 2
VMWare VirtualCenter 2.5 Update 1
VMWare VirtualCenter 2.5
VMWare VirtualCenter 2.0.2 Update 5
VMWare VirtualCenter 2.0.2 Update 4
VMWare VirtualCenter 2.0.2 Update 3
VMWare VirtualCenter 2.0.2 Update 2
VMWare VirtualCenter 2.0.2 Update 1
VMWare vCenter 4.0
VMWare Server 2.0
VMWare ESX Server 3.0.3
VMWare ESX Server 4.0
VMWare ESX Server 3.5 ESX350-200910401
VMWare ESX Server 3.5 ESX350-200906407
VMWare ESX Server 3.5 ESX350-200904401
VMWare ESX Server 3.5
Ubuntu Ubuntu Linux 9.10 sparc
Ubuntu Ubuntu Linux 9.10 powerpc
Ubuntu Ubuntu Linux 9.10 lpia
Ubuntu Ubuntu Linux 9.10 i386
Ubuntu Ubuntu Linux 9.10 amd64
Ubuntu Ubuntu Linux 9.04 sparc
Ubuntu Ubuntu Linux 9.04 powerpc
Ubuntu Ubuntu Linux 9.04 lpia
Ubuntu Ubuntu Linux 9.04 i386
Ubuntu Ubuntu Linux 9.04 amd64
Ubuntu Ubuntu Linux 8.10 sparc
Ubuntu Ubuntu Linux 8.10 powerpc
Ubuntu Ubuntu Linux 8.10 lpia
Ubuntu Ubuntu Linux 8.10 i386
Ubuntu Ubuntu Linux 8.10 amd64
Ubuntu Ubuntu Linux 8.04 LTS sparc
Ubuntu Ubuntu Linux 8.04 LTS powerpc
Ubuntu Ubuntu Linux 8.04 LTS lpia
Ubuntu Ubuntu Linux 8.04 LTS i386
Ubuntu Ubuntu Linux 8.04 LTS amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
SuSE SUSE Linux Enterprise Server 9
SuSE SUSE Linux Enterprise Server 11
SuSE SUSE Linux Enterprise Server 10 SP2
SuSE SUSE Linux Enterprise 11
SuSE SUSE Linux Enterprise 10 SP3
SuSE SUSE Linux Enterprise 10 SP2
SuSE Moblin 2.0
Sun OpenJDK 6 Build b12
Sun JRE (Windows Production Release) 1.5 _06
Sun JRE (Windows Production Release) 1.5 _05
Sun JRE (Windows Production Release) 1.5 _04
Sun JRE (Windows Production Release) 1.5 _03
Sun JRE (Windows Production Release) 1.5 _02
Sun JRE (Windows Production Release) 1.5 _01
Sun JRE (Windows Production Release) 1.6.0_2
Sun JRE (Windows Production Release) 1.6.0_11
Sun JRE (Windows Production Release) 1.6.0_03
Sun JRE (Windows Production Release) 1.6.0_02
Sun JRE (Windows Production Release) 1.6.0_01
Sun JRE (Windows Production Release) 1.5.0_17
Sun JRE (Windows Production Release) 1.5.0_14
Sun JRE (Windows Production Release) 1.5.0_13
Sun JRE (Windows Production Release) 1.5.0_12
Sun JRE (Windows Production Release) 1.5.0_11
Sun JRE (Windows Production Release) 1.5.0_10
Sun JRE (Windows Production Release) 1.5.0.0_09
Sun JRE (Windows Production Release) 1.5.0.0_08
Sun JRE (Windows Production Release) 1.5.0.0_07
Sun JRE (Solaris Production Release) 1.5 _15
Sun JRE (Solaris Production Release) 1.5 _06
Sun JRE (Solaris Production Release) 1.5 _05
Sun JRE (Solaris Production Release) 1.5 _04
Sun JRE (Solaris Production Release) 1.5 _03
Sun JRE (Solaris Production Release) 1.5 _02
Sun JRE (Solaris Production Release) 1.5 _01
Sun JRE (Solaris Production Release) 1.5
Sun JRE (Solaris Production Release) 1.6.0_2
Sun JRE (Solaris Production Release) 1.6.0_11
Sun JRE (Solaris Production Release) 1.6.0_03
Sun JRE (Solaris Production Release) 1.6.0_02
Sun JRE (Solaris Production Release) 1.6.0_01
Sun JRE (Solaris Production Release) 1.5.0_17
Sun JRE (Solaris Production Release) 1.5.0_14
Sun JRE (Solaris Production Release) 1.5.0_13
Sun JRE (Solaris Production Release) 1.5.0_12
Sun JRE (Solaris Production Release) 1.5.0_11
Sun JRE (Solaris Production Release) 1.5.0_10
Sun JRE (Solaris Production Release) 1.5.0.0_09
Sun JRE (Solaris Production Release) 1.5.0.0_08
Sun JRE (Solaris Production Release) 1.5.0.0_07
Sun JRE (Linux Production Release) 1.6 _13
Sun JRE (Linux Production Release) 1.6 _12
Sun JRE (Linux Production Release) 1.6 _10
Sun JRE (Linux Production Release) 1.6 _07
Sun JRE (Linux Production Release) 1.6 _06
Sun JRE (Linux Production Release) 1.6 _05
Sun JRE (Linux Production Release) 1.6 _04
Sun JRE (Linux Production Release) 1.5 _18
Sun JRE (Linux Production Release) 1.5 _16
Sun JRE (Linux Production Release) 1.5 _15
Sun JRE (Linux Production Release) 1.5 _07
Sun JRE (Linux Production Release) 1.5 _06
Sun JRE (Linux Production Release) 1.5 _05
Sun JRE (Linux Production Release) 1.5 _04
Sun JRE (Linux Production Release) 1.5 _03
Sun JRE (Linux Production Release) 1.5 _02
Sun JRE (Linux Production Release) 1.5 _01
Sun JRE (Linux Production Release) 1.5 .0 beta
Sun JRE (Linux Production Release) 1.5
Sun JRE (Linux Production Release) 1.6.0_14
Sun JRE (Linux Production Release) 1.6.0_11
Sun JRE (Linux Production Release) 1.6.0_03
Sun JRE (Linux Production Release) 1.6.0_02
Sun JRE (Linux Production Release) 1.6.0_01
Sun JRE (Linux Production Release) 1.5.0_17
Sun JRE (Linux Production Release) 1.5.0_14
Sun JRE (Linux Production Release) 1.5.0_13
Sun JRE (Linux Production Release) 1.5.0_12
Sun JRE (Linux Production Release) 1.5.0_11
Sun JRE (Linux Production Release) 1.5.0_10
Sun JRE (Linux Production Release) 1.5.0_09
Sun JRE (Linux Production Release) 1.5.0_08
Sun JDK (Windows Production Release) 1.5 0_10
Sun JDK (Windows Production Release) 1.5 .0_05
Sun JDK (Windows Production Release) 1.5 .0_04
Sun JDK (Windows Production Release) 1.5 .0_03
Sun JDK (Windows Production Release) 1.6.0_03
Sun JDK (Windows Production Release) 1.6.0_02
Sun JDK (Windows Production Release) 1.6.0_01-b06
Sun JDK (Windows Production Release) 1.6.0_01
Sun JDK (Windows Production Release) 1.5.0_16
Sun JDK (Windows Production Release) 1.5.0_13
Sun JDK (Windows Production Release) 1.5.0_12
Sun JDK (Windows Production Release) 1.5.0_11-b03
Sun JDK (Windows Production Release) 1.5.0_07-b03
Sun JDK (Windows Production Release) 1.5.0.0_11
Sun JDK (Windows Production Release) 1.5.0.0_09
Sun JDK (Windows Production Release) 1.5.0.0_08
Sun JDK (Windows Production Release) 1.5.0.0_06
Sun JDK (Solaris Production Release) 1.5 0_10
Sun JDK (Solaris Production Release) 1.5 0_09
Sun JDK (Solaris Production Release) 1.5 0_03
Sun JDK (Solaris Production Release) 1.5 _15
Sun JDK (Solaris Production Release) 1.5 _06
Sun JDK (Solaris Production Release) 1.5 .0_05
Sun JDK (Solaris Production Release) 1.5 .0_04
Sun JDK (Solaris Production Release) 1.5 .0_03
Sun JDK (Solaris Production Release) 1.6.0_03
Sun JDK (Solaris Production Release) 1.6.0_02
Sun JDK (Solaris Production Release) 1.6.0_01
Sun JDK (Solaris Production Release) 1.5.0_16
Sun JDK (Solaris Production Release) 1.5.0_13
Sun JDK (Solaris Production Release) 1.5.0_12
Sun JDK (Solaris Production Release) 1.5.0_11
Sun JDK (Linux Production Release) 1.6 _14
Sun JDK (Linux Production Release) 1.6 _13
Sun JDK (Linux Production Release) 1.6 _11
Sun JDK (Linux Production Release) 1.6 _10
Sun JDK (Linux Production Release) 1.6 _07
Sun JDK (Linux Production Release) 1.6 _06
Sun JDK (Linux Production Release) 1.6 _05
Sun JDK (Linux Production Release) 1.6 _04
Sun JDK (Linux Production Release) 1.6 _01-b06
Sun JDK (Linux Production Release) 1.6 _01
Sun JDK (Linux Production Release) 1.6
Sun JDK (Linux Production Release) 1.5 0_10
Sun JDK (Linux Production Release) 1.5 _18
Sun JDK (Linux Production Release) 1.5 _17
Sun JDK (Linux Production Release) 1.5 _15
Sun JDK (Linux Production Release) 1.5 _14
Sun JDK (Linux Production Release) 1.5 _11-b03
Sun JDK (Linux Production Release) 1.5 _07-b03
Sun JDK (Linux Production Release) 1.5 _07
Sun JDK (Linux Production Release) 1.5 _06
Sun JDK (Linux Production Release) 1.5 _02
Sun JDK (Linux Production Release) 1.5 _01
Sun JDK (Linux Production Release) 1.5
Sun JDK (Linux Production Release) 1.6.0_03
Sun JDK (Linux Production Release) 1.6.0_02
Sun JDK (Linux Production Release) 1.5.0_13
Sun JDK (Linux Production Release) 1.5.0.0_09
Sun JDK (Linux Production Release) 1.5.0.0_08
Sun JDK (Linux Production Release) 1.5.0.0_04
Sun JDK (Linux Production Release) 1.5.0.0_03
Sun Java System Application Server Standard Platform 8.1 2005 Q1
Sun Java System Application Server Standard Edition 8.2
Sun Java System Application Server Platform Edition 8.1 2005 Q1 UR1
Sun Java System Application Server Platform Edition 8.1 2005 Q1
Sun Java System Application Server Platform Edition 8.2
Sun Java System Application Server Platform Edition 8.1
Sun Java System Application Server Enterprise Edition 8.1 2005Q1RHEL2.1/RHEL3
Sun Java System Application Server Enterprise Edition 8.1 2005 Q1
Sun Java System Application Server Enterprise Edition 8.2
Sun Java System Application Server Enterprise Edition 8.1 2005 Q1
Sun Java System Application Server Enterprise Edition 8.1
Sun Java System Application Server 8.0 Platform Edition
Sun Java System Application Server 8.2
Sun Java System Application Server 8.1
Sun Java System Application Server 8.0
Sun Glassfish Enterprise Server 2.1
Slackware Linux x86_64 -current
Slackware Linux 13.1 x86_64
Slackware Linux 13.1
Slackware Linux 13.0 x86_64
Slackware Linux 13.0
Slackware Linux 12.2
Slackware Linux 12.1
Slackware Linux 12.0
Slackware Linux 11.0
Slackware Linux -current
S.u.S.E. openSUSE 11.2
S.u.S.E. openSUSE 11.1
S.u.S.E. openSUSE 11.0
RedHat Red Hat Network Satellite (for RHEL 4) 5.1
RedHat Network Satellite (for RHEL 5 Server) 5.3
RedHat Network Satellite (for RHEL 4 AS) 5.3
RedHat Enterprise Linux WS Extras 4
RedHat Enterprise Linux WS Extras 3
RedHat Enterprise Linux Supplementary EUS 5.3.z
RedHat Enterprise Linux for SAP 0
RedHat Enterprise Linux Extras 4.8.z
RedHat Enterprise Linux Extras 4
RedHat Enterprise Linux Extras 3
RedHat Enterprise Linux ES Extras 4
RedHat Enterprise Linux ES Extras 3
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux AS Extras 4
RedHat Enterprise Linux AS Extras 3
RedHat Desktop Extras 4
RedHat Desktop Extras 3
Red Hat JBoss Enterprise Application Platform 4.3 EL5
Red Hat JBoss Enterprise Application Platform 4.3 EL4
Red Hat JBoss Enterprise Application Platform 4.3
Red Hat JBoss Enterprise Application Platform 4.2 EL5
Red Hat JBoss Enterprise Application Platform 4.2 EL4
Red Hat JBoss Enterprise Application Platform 4.2
Red Hat Fedora 11
Red Hat Fedora 10
Red Hat Enterprise Virtualization Manager 3.0
Red Hat Enterprise Linux Workstation Optional 6
Red Hat Enterprise Linux Workstation 6
Red Hat Enterprise Linux Supplementary 5 server
Red Hat Enterprise Linux Server Optional 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux HPC Node Optional 6
Red Hat Enterprise Linux EUS 5.3.z server
Red Hat Enterprise Linux Desktop Supplementary 5 client
Red Hat Enterprise Linux Desktop Optional 6
Red Hat Enterprise Linux Desktop 5 client
Red Hat Enterprise Linux 5 Server
Pardus Linux 2009 0
Oracle Primavera P6 Web Services 6.2.1
Oracle Primavera P6 Web Services 7.0 SP
Oracle Primavera P6 Web Services 7.0
Oracle Primavera P6 Enterprise Project Portfolio Management 6.2.1
Oracle Primavera P6 Enterprise Project Portfolio Management 7.0
Oracle Primavera P6 Enterprise Project Portfolio Management 6.1
Oracle JRockit R27.6.4
Oracle JRockit R27.6.3
Oracle JRockit R27.6.2
Oracle JRockit R27.6.0
Oracle JRockit R27.1.0
Nortel Networks Self-Service WVADS 0
Nortel Networks Self-Service Speech Server 0
Nortel Networks Self-Service Peri Application 0
Nortel Networks Self-Service MPS 500 0
Nortel Networks Self-Service MPS 1000 0
Nortel Networks Self-Service CCXML 0
Nortel Networks Self Service VoiceXML 0
Nortel Networks Contact Center - CCT 0
Mandriva Linux Mandrake 2010.1 x86_64
Mandriva Linux Mandrake 2010.1
Mandriva Linux Mandrake 2009.1 x86_64
Mandriva Linux Mandrake 2009.1
Mandriva Linux Mandrake 2009.0 x86_64
Mandriva Linux Mandrake 2009.0
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
IBM Java SE 6.0 SR5
IBM J2SE 5.0 SR9
HP HP-UX 11.23
HP HP-UX 11.11
HP HP-UX 11.31
Debian Linux 5.0 sparc
Debian Linux 5.0 s/390
Debian Linux 5.0 powerpc
Debian Linux 5.0 mipsel
Debian Linux 5.0 mips
Debian Linux 5.0 m68k
Debian Linux 5.0 ia-64
Debian Linux 5.0 ia-32
Debian Linux 5.0 hppa
Debian Linux 5.0 armel
Debian Linux 5.0 arm
Debian Linux 5.0 amd64
Debian Linux 5.0 alpha
Debian Linux 5.0
Debian Linux 4.0 sparc
Debian Linux 4.0 s/390
Debian Linux 4.0 powerpc
Debian Linux 4.0 mipsel
Debian Linux 4.0 mips
Debian Linux 4.0 m68k
Debian Linux 4.0 ia-64
Debian Linux 4.0 ia-32
Debian Linux 4.0 hppa
Debian Linux 4.0 armel
Debian Linux 4.0 arm
Debian Linux 4.0 amd64
Debian Linux 4.0 alpha
Debian Linux 4.0
Avaya Voice Portal 5.0
Apple Mac OS X Server 10.5.8
Apple Mac OS X Server 10.5.7
Apple Mac OS X Server 10.5.6
Apple Mac OS X Server 10.5.5
Apple Mac OS X Server 10.5.4
Apple Mac OS X Server 10.5.3
Apple Mac OS X Server 10.5.2
Apple Mac OS X Server 10.5.1
Apple Mac OS X Server 10.5
Apple Mac OS X 10.5.8
Apple Mac OS X 10.5.7
Apple Mac OS X 10.5.6
Apple Mac OS X 10.5.5
Apple Mac OS X 10.5.4
Apple Mac OS X 10.5.3
Apple Mac OS X 10.5.2
Apple Mac OS X 10.5.1
Apple Mac OS X 10.5
Apache Software Foundation Xerces2 Java Parser 2.9
Apache Software Foundation Xerces2 Java Parser 2.7.1
Apache Software Foundation Xerces2 Java Parser 2.2.1
Not Vulnerable: VMWare vMA 4.0 Patch 2
VMWare VirtualCenter 2.5 Update 6
VMWare vCenter 4.0 Update 1
VMWare ESX Server 3.5 ESX350-201003403
Sun JRE (Windows Production Release) 1.6.0_15
Sun JRE (Windows Production Release) 1.5.0_20
Sun JRE (Solaris Production Release) 1.6.0_15
Sun JRE (Solaris Production Release) 1.5.0_20
Sun JRE (Linux Production Release) 1.6.0_15
Sun JRE (Linux Production Release) 1.5.0_20
Sun JDK (Windows Production Release) 1.6.0_15
Sun JDK (Windows Production Release) 1.5.0_20
Sun JDK (Solaris Production Release) 1.6.0_15
Sun JDK (Solaris Production Release) 1.5.0_20
Sun JDK (Linux Production Release) 1.6.0_15
Sun JDK (Linux Production Release) 1.5.0_20
IBM J2SE 5.0 SR10


 

Privacy Statement
Copyright 2010, SecurityFocus