Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-4351

Опубликовано: 20 янв. 2011
Источник: nvd
CVSS2: 6.8
EPSS Низкий

Описание

The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:redhat:icedtea:1.7:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea:1.7.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea:1.7.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea:1.7.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea:1.7.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea:1.8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea:1.8.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea:1.8.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea:1.9:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea:1.9.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea:1.9.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea:1.9.3:*:*:*:*:*:*:*
cpe:2.3:a:sun:openjdk:*:*:*:*:*:*:*:*

EPSS

Процентиль: 81%
0.01585
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu логотип

CVE-2010-4351

ubuntu
больше 14 лет назад

The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader.

redhat логотип

CVE-2010-4351

redhat
больше 14 лет назад

The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader.

debian логотип

CVE-2010-4351

debian
больше 14 лет назад

The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 ...

github логотип

GHSA-g6jh-xpq2-3rw2

github
около 3 лет назад

The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader.

oracle-oval логотип

ELSA-2011-0176

oracle-oval
больше 14 лет назад

ELSA-2011-0176: java-1.6.0-openjdk security update (MODERATE)

EPSS

Процентиль: 81%
0.01585
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-264