Strix
26.1K

CVE-2009-2718

UnknownEPSS 1.71%

Last modified

CVE-2009-2718 is a vulnerability of currently unknown severity. The Abstract Window Toolkit (AWT) implementation in Sun Java SE 6 before Update 15 on X11 does not impose the intended constraint on distance from the window border to the Security Warning Icon, which makes it easier for context-dependent attackers to trick a user into interacting unsafely with an untrusted applet.. EPSS estimates a 1.71% chance of exploitation in the next 30 days.

Description

The Abstract Window Toolkit (AWT) implementation in Sun Java SE 6 before Update 15 on X11 does not impose the intended constraint on distance from the window border to the Security Warning Icon, which makes it easier for context-dependent attackers to trick a user into interacting unsafely with an untrusted applet.

Metrics

EPSS Probability
1.71%

74.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersionsUpdate
SunJava Se614

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2009-2718?
The Abstract Window Toolkit (AWT) implementation in Sun Java SE 6 before Update 15 on X11 does not impose the intended constraint on distance from the window border to the Security Warning Icon, which makes it easier for context-dependent attackers to trick a user into interacting unsafely with an untrusted applet.
How severe is CVE-2009-2718?
Severity scoring for CVE-2009-2718 is pending analysis. The EPSS model estimates a 1.71% probability of exploitation in the next 30 days.
How do I fix CVE-2009-2718?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2009-2718?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST