medium
6.8
CWE
Advisory Published
Updated

CVE-2009-3839

First published: Mon Nov 02 2009(Updated: )

Unspecified vulnerability in the Solaris Trusted Extensions Policy configuration in Sun Solaris 10, and OpenSolaris snv_37 through snv_125, might allow remote attackers to execute arbitrary code by leveraging access to the X server.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Solaris=snv_70
Solaris=snv_114
Solaris=snv_90
Solaris=snv_93
Solaris=snv_110
Solaris=snv_85
Solaris=snv_50
Solaris=snv_116
Solaris=snv_120
Solaris=snv_72
Solaris=snv_67
Solaris=snv_117
Solaris=snv_87
Solaris=snv_123
Solaris=snv_92
Solaris=snv_77
Solaris=snv_53
Solaris=snv_41
Solaris=snv_39
Solaris=snv_80
Solaris=snv_119
Solaris=snv_55
Solaris=snv_58
Solaris=snv_103
Solaris=snv_84
Solaris=snv_121
Solaris=snv_106
Solaris=snv_65
Solaris=snv_86
Solaris=snv_62
Solaris=snv_100
Solaris=snv_112
Solaris=snv_66
Solaris=snv_44
Solaris=snv_89
Solaris=snv_59
Oracle Solaris SPARC=10
Solaris=snv_124
Solaris=snv_78
Solaris=snv_96
Solaris=snv_43
Solaris=snv_48
Solaris=snv_99
Solaris=snv_107
Solaris=snv_79
Solaris=snv_63
Solaris=snv_37
Solaris=snv_122
Solaris=snv_115
Solaris=snv_40
Solaris=snv_45
Solaris=snv_52
Solaris=snv_69
Solaris=snv_98
Solaris=snv_109
Solaris=snv_113
Solaris=snv_46
Solaris=snv_71
Solaris=snv_64
Solaris=snv_82
Solaris=snv_102
Solaris=snv_105
Solaris=snv_108
Solaris=snv_57
Solaris=snv_60
Solaris=snv_75
Solaris=snv_81
Solaris=snv_95
Solaris=snv_47
Solaris=snv_49
Solaris=snv_88
Solaris=snv_73
Solaris=snv_104
Solaris=snv_61
Solaris=snv_94
Solaris=snv_101
Solaris=snv_83
Solaris=snv_68
Solaris=snv_97
Solaris=snv_56
Solaris=snv_42
Solaris=snv_125
Solaris=snv_74
Solaris=snv_111
Solaris=snv_91
Solaris=snv_76
Solaris=snv_54
Solaris=snv_118
Solaris=snv_38
Solaris=snv_51
Solaris=snv_113
Solaris=snv_101
Solaris=snv_120
Solaris=snv_57
Solaris=snv_87
Solaris=snv_73
Solaris=snv_91
Solaris=snv_85
Solaris=snv_74
Solaris=snv_104
Solaris=snv_103
Solaris=snv_118
Solaris=snv_66
Solaris=snv_105
Solaris=snv_46
Solaris=snv_52
Solaris=snv_82
Solaris=snv_72
Solaris=snv_88
Solaris=snv_114
Solaris=snv_56
Solaris=snv_43
Solaris=snv_39
Solaris=snv_50
Solaris=snv_93
Solaris=snv_54
Solaris=snv_40
Solaris=snv_121
Solaris=snv_65
Solaris=snv_49
Solaris=snv_106
Solaris=snv_119
Solaris=snv_37
Solaris=snv_107
Solaris=snv_71
Solaris=snv_64
Solaris=snv_77
Solaris=snv_61
Solaris=snv_79
Solaris=snv_42
Solaris=snv_38
Solaris=snv_90
Solaris=snv_112
Solaris=snv_123
Oracle Solaris SPARC=10.0
Solaris=snv_70
Solaris=snv_45
Solaris=snv_59
Solaris=snv_48
Solaris=snv_97
Solaris=snv_124
Solaris=snv_51
Solaris=snv_83
Solaris=snv_115
Solaris=snv_100
Solaris=snv_12
Solaris=snv_96
Solaris=snv_81
Solaris=snv_94
Solaris=snv_86
Solaris=snv_98
Solaris=snv_111
Solaris=snv_80
Solaris=snv_125
Solaris=snv_68
Solaris=snv_67
Solaris=snv_95
Solaris=snv_108
Solaris=snv_78
Solaris=snv_76
Solaris=snv_55
Solaris=snv_122
Solaris=snv_69
Solaris=snv_84
Solaris=snv_44
Solaris=snv_60
Solaris=snv_92
Solaris=snv_116
Solaris=snv_63
Solaris=snv_53
Solaris=snv_58
Solaris=snv_117
Solaris=snv_99
Solaris=snv_109
Solaris=snv_75
Solaris=snv_102
Solaris=snv_41
Solaris=snv_47
Solaris=snv_110
Solaris=snv_62
Solaris=snv_89

Remedy

http://sunsolve.sun.com/search/document.do?assetkey=1-66-270969-1

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2009-3839?

    The severity of CVE-2009-3839 is considered critical as it allows remote attackers to execute arbitrary code.

  • How do I fix CVE-2009-3839?

    To fix CVE-2009-3839, apply the recommended patches provided by the vendor for affected Solaris versions.

  • What software versions are affected by CVE-2009-3839?

    CVE-2009-3839 affects multiple versions of Solaris 10, including OpenSolaris snv_37 through snv_125.

  • Can CVE-2009-3839 be exploited remotely?

    Yes, CVE-2009-3839 can be exploited remotely due to vulnerabilities in the X server access permissions.

  • Is there a workaround for CVE-2009-3839?

    A potential workaround is to tightly control access to the X server and limited access to trusted users.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203