CVE-2009-1101
The MITRE CVE dictionary describes this issue as:
Unspecified vulnerability in the lightweight HTTP server implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allows remote attackers to cause a denial of service (probably resource consumption) for a JAX-WS service endpoint via a connection without any data, which triggers a file descriptor "leak."
Find out more about CVE-2009-1101 from the MITRE CVE dictionary dictionary and NIST NVD.
CVSS v2 metrics
| Base Score | 6.4 |
|---|---|
| Base Metrics | AV:N/AC:L/Au:N/C:P/I:N/A:P |
| Access Vector | Network |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality Impact | Partial |
| Integrity Impact | None |
| Availability Impact | Partial |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat Security Errata
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Satellite 5.3 (RHEL v.5) (java-1.6.0-ibm) | RHSA-2010:0043 | 2010-01-14 |
| Red Hat Enterprise Linux AS version 4 Extras (java-1.5.0-ibm) | RHSA-2009:1038 | 2009-05-18 |
| Red Hat Enterprise Linux Supplementary 5 (java-1.5.0-ibm) | RHSA-2009:1038 | 2009-05-18 |
| Red Hat Enterprise Linux AS version 4 Extras (java-1.6.0-ibm) | RHSA-2009:1198 | 2009-08-06 |
| Red Hat Enterprise Linux 5 (java-1.6.0-openjdk) | RHSA-2009:0377 | 2009-04-07 |
| Red Hat Enterprise Linux Supplementary 5 (java-1.6.0-sun) | RHSA-2009:0392 | 2009-03-26 |
| Red Hat Satellite 5.3 (RHEL v.4) (java-1.6.0-ibm) | RHSA-2010:0043 | 2010-01-14 |
| Red Hat Enterprise Linux Supplementary 5 (java-1.6.0-ibm) | RHSA-2009:1198 | 2009-08-06 |
| Red Hat Enterprise Linux AS version 4 Extras (java-1.6.0-sun) | RHSA-2009:0392 | 2009-03-26 |
CVE description copyright © 2017, The MITRE Corporation