Описание
Directory traversal vulnerability in the ICC_Profile.getInstance method in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local International Color Consortium (ICC) profile files via a .. (dot dot) in a pathname, aka Bug Id 6631533.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 6b17~pre2-0ubuntu3 |
| hardy | released | 6b18-1.8.2-4ubuntu1~8.04.1 |
| intrepid | released | 6b12-0ubuntu6.6 |
| jaunty | released | 6b14-1.4.1-0ubuntu12 |
| karmic | released | 6b16-1.6.1-3ubuntu1 |
| lucid | not-affected | 6b17~pre2-0ubuntu3 |
| maverick | not-affected | 6b17~pre2-0ubuntu3 |
| upstream | released | 6b17 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | DNE | |
| gutsy | ignored | end of life, was needs-triage |
| hardy | not-affected | 1.5.0-22-0ubuntu0.8.04 |
| intrepid | ignored | end of life, was needs-triage |
| jaunty | ignored | end of life |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| upstream | released | 1.5.0-22 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | released | 6.20dlj-0ubuntu1.8.04 |
| intrepid | ignored | end of life, was needs-triage |
| jaunty | released | 6.20dlj-0ubuntu1.9.04 |
| karmic | released | 6.20dlj-0ubuntu1.9.10 |
| lucid | released | 6.20dlj-1ubuntu3 |
| maverick | not-affected | |
| upstream | released | 6.17 |
Показывать по
5 Medium
CVSS2
Связанные уязвимости
Directory traversal vulnerability in the ICC_Profile.getInstance method in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local International Color Consortium (ICC) profile files via a .. (dot dot) in a pathname, aka Bug Id 6631533.
Directory traversal vulnerability in the ICC_Profile.getInstance method in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local International Color Consortium (ICC) profile files via a .. (dot dot) in a pathname, aka Bug Id 6631533.
Directory traversal vulnerability in the ICC_Profile.getInstance metho ...
Directory traversal vulnerability in the ICC_Profile.getInstance method in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local International Color Consortium (ICC) profile files via a .. (dot dot) in a pathname, aka Bug Id 6631533.
ELSA-2009-1584: java-1.6.0-openjdk security update (IMPORTANT)
5 Medium
CVSS2