Описание
The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted (1) applets and (2) Java Web Start applications, which allows remote attackers to hijack web sessions via unspecified vectors.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 6b16-1.6.1-0ubuntu1 |
| hardy | released | 6b18-1.8.2-4ubuntu1~8.04.1 |
| intrepid | released | 6b12-0ubuntu6.5 |
| jaunty | released | 6b14-1.4.1-0ubuntu11 |
| karmic | not-affected | 6b16-1.6.1-0ubuntu1 |
| lucid | not-affected | 6b16-1.6.1-0ubuntu1 |
| maverick | not-affected | 6b16-1.6.1-0ubuntu1 |
| upstream | released | 6b16 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | DNE | |
| gutsy | ignored | end of life, was needs-triage |
| hardy | not-affected | 1.5.0-22-0ubuntu0.8.04 |
| intrepid | ignored | end of life, was needs-triage |
| jaunty | ignored | end of life |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| upstream | released | 1.5.0-20 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | released | 6.20dlj-0ubuntu1.8.04 |
| intrepid | ignored | end of life, was needs-triage |
| jaunty | released | 6.20dlj-0ubuntu1.9.04 |
| karmic | released | 6-15-1 |
| lucid | released | 6-15-1 |
| maverick | not-affected | |
| upstream | released | 6.15 |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted (1) applets and (2) Java Web Start applications, which allows remote attackers to hijack web sessions via unspecified vectors.
The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted (1) applets and (2) Java Web Start applications, which allows remote attackers to hijack web sessions via unspecified vectors.
The proxy mechanism implementation in Sun Java Runtime Environment (JR ...
The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted (1) applets and (2) Java Web Start applications, which allows remote attackers to hijack web sessions via unspecified vectors.
ELSA-2009-1201: java-1.6.0-openjdk security and bug fix update (IMPORTANT)
EPSS
7.5 High
CVSS2