Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2011-0176

Опубликовано: 25 янв. 2011
Источник: oracle-oval
Платформа: Oracle Linux 5

Описание

ELSA-2011-0176: java-1.6.0-openjdk security update (MODERATE)

[1:1.6.0.0-1.17.b17.0.1.el5]

  • Add oracle-enterprise.patch

[1:1.6.0.0-1.17.b17.el5]

  • Updated to 1.7.7 tarball
  • Resolves: bz668487
  • Also resolves bz668488

Обновленные пакеты

Oracle Linux 5

Oracle Linux x86_64

java-1.6.0-openjdk

1.6.0.0-1.17.b17.0.1.el5

java-1.6.0-openjdk-demo

1.6.0.0-1.17.b17.0.1.el5

java-1.6.0-openjdk-devel

1.6.0.0-1.17.b17.0.1.el5

java-1.6.0-openjdk-javadoc

1.6.0.0-1.17.b17.0.1.el5

java-1.6.0-openjdk-src

1.6.0.0-1.17.b17.0.1.el5

Oracle Linux i386

java-1.6.0-openjdk

1.6.0.0-1.17.b17.0.1.el5

java-1.6.0-openjdk-demo

1.6.0.0-1.17.b17.0.1.el5

java-1.6.0-openjdk-devel

1.6.0.0-1.17.b17.0.1.el5

java-1.6.0-openjdk-javadoc

1.6.0.0-1.17.b17.0.1.el5

java-1.6.0-openjdk-src

1.6.0.0-1.17.b17.0.1.el5

Связанные CVE

CVE-2010-3860
CVE-2010-4351

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2010-4351

ubuntu
больше 14 лет назад

The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader.

redhat логотип

CVE-2010-4351

redhat
больше 14 лет назад

The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader.

nvd логотип

CVE-2010-4351

nvd
больше 14 лет назад

The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader.

debian логотип

CVE-2010-4351

debian
больше 14 лет назад

The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 ...

ubuntu логотип

CVE-2010-3860

ubuntu
больше 14 лет назад

IcedTea 1.7.x before 1.7.6, 1.8.x before 1.8.3, and 1.9.x before 1.9.2, as based on OpenJDK 6, declares multiple sensitive variables as public, which allows remote attackers to obtain sensitive information including (1) user.name, (2) user.home, and (3) java.home system properties, and other sensitive information such as installation directories.