Описание
JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 6b16-1.6.1-0ubuntu1 |
| hardy | released | 6b18-1.8.2-4ubuntu1~8.04.1 |
| intrepid | released | 6b12-0ubuntu6.5 |
| jaunty | released | 6b14-1.4.1-0ubuntu11 |
| karmic | not-affected | 6b16-1.6.1-0ubuntu1 |
| lucid | not-affected | 6b16-1.6.1-0ubuntu1 |
| maverick | not-affected | 6b16-1.6.1-0ubuntu1 |
| upstream | released | 6b16 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | DNE | |
| gutsy | ignored | end of life, was needs-triage |
| hardy | not-affected | 1.5.0-22-0ubuntu0.8.04 |
| intrepid | ignored | end of life, was needs-triage |
| jaunty | ignored | end of life |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| upstream | released | 1.5.0-20 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | released | 6.20dlj-0ubuntu1.8.04 |
| intrepid | ignored | end of life, was needs-triage |
| jaunty | released | 6.20dlj-0ubuntu1.9.04 |
| karmic | released | 6-15-1 |
| lucid | released | 6-15-1 |
| maverick | not-affected | |
| upstream | released | 6.15 |
Показывать по
EPSS
10 Critical
CVSS2
Связанные уязвимости
JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application.
JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application.
JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 b ...
JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application.
ELSA-2009-1201: java-1.6.0-openjdk security and bug fix update (IMPORTANT)
EPSS
10 Critical
CVSS2