Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2009-2476

Опубликовано: 10 авг. 2009
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 10

Описание

The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by leveraging finalizer resurrection to obtain a reference to a privileged object.

РелизСтатусПримечание
dapper

DNE

devel

DNE

hardy

DNE

intrepid

DNE

jaunty

DNE

karmic

DNE

lucid

DNE

maverick

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

not-affected

6b16-1.6.1-0ubuntu1
hardy

released

6b18-1.8.2-4ubuntu1~8.04.1
intrepid

released

6b12-0ubuntu6.5
jaunty

released

6b14-1.4.1-0ubuntu11
karmic

not-affected

6b16-1.6.1-0ubuntu1
lucid

not-affected

6b16-1.6.1-0ubuntu1
maverick

not-affected

6b16-1.6.1-0ubuntu1
upstream

released

6b16

Показывать по

РелизСтатусПримечание
dapper

ignored

end of life
devel

DNE

hardy

not-affected

intrepid

ignored

end of life, was needs-triage
jaunty

not-affected

karmic

DNE

lucid

DNE

maverick

DNE

upstream

not-affected

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

hardy

released

6.20dlj-0ubuntu1.8.04
intrepid

ignored

end of life, was needs-triage
jaunty

released

6.20dlj-0ubuntu1.9.04
karmic

released

6-15-1
lucid

released

6-15-1
maverick

not-affected

upstream

released

6.15

Показывать по

Ссылки на источники

EPSS

Процентиль: 82%
0.01825
Низкий

10 Critical

CVSS2

Связанные уязвимости

redhat логотип

CVE-2009-2476

redhat
почти 16 лет назад

The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by leveraging finalizer resurrection to obtain a reference to a privileged object.

nvd логотип

CVE-2009-2476

nvd
почти 16 лет назад

The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by leveraging finalizer resurrection to obtain a reference to a privileged object.

debian логотип

CVE-2009-2476

debian
почти 16 лет назад

The Java Management Extensions (JMX) implementation in Sun Java SE 6 b ...

github логотип

GHSA-f3mh-84r7-6579

github
около 3 лет назад

The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by leveraging finalizer resurrection to obtain a reference to a privileged object.

oracle-oval логотип

ELSA-2009-1201

oracle-oval
почти 16 лет назад

ELSA-2009-1201: java-1.6.0-openjdk security and bug fix update (IMPORTANT)

EPSS

Процентиль: 82%
0.01825
Низкий

10 Critical

CVSS2