VYPR
Unrated severityNVD Advisory· Published Nov 9, 2009· Updated Jun 16, 2026

CVE-2009-3880

CVE-2009-3880

Description

The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not properly restrict the objects that may be sent to loggers, which allows attackers to obtain sensitive information via vectors related to the implementation of Component, KeyboardFocusManager, and DefaultKeyboardFocusManager, aka Bug Id 6664512.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

39
  • Sun Corporation/Jre37 versions
    cpe:2.3:a:sun:jre:1.5.0:update_1:*:*:*:*:*:*+ 36 more
    • cpe:2.3:a:sun:jre:1.5.0:update_1:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update_11:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update_12:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update_13:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update_14:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update_15:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update_16:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update_17:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update_18:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update_19:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update_2:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update_20:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update_3:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update_4:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update_5:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update_6:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update_7:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update_8:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.5.0:update_9:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_8:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*
    • cpe:2.3:a:sun:jre:*:update_16:*:*:*:*:*:*range: <=1.6.0
    • cpe:2.3:a:sun:jre:*:update_21:*:*:*:*:*:*range: <=1.5.0
  • cpe:2.3:a:sun:openjdk:*:*:*:*:*:*:*:*
  • Range: 5.0 < Update 22; 6 < Update 17

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.