Описание
IcedTea 1.7.x before 1.7.6, 1.8.x before 1.8.3, and 1.9.x before 1.9.2, as based on OpenJDK 6, declares multiple sensitive variables as public, which allows remote attackers to obtain sensitive information including (1) user.name, (2) user.home, and (3) java.home system properties, and other sensitive information such as installation directories.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 6b20-1.10~pre3-0ubuntu1 |
| hardy | released | 6b27-1.12.3-0ubuntu1~08.04.1 |
| karmic | released | 6b18-1.8.3-0ubuntu1~9.10.1 |
| lucid | released | 6b20-1.9.2-0ubuntu1~10.04.1 |
| maverick | released | 6b20-1.9.2-0ubuntu1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 6b18-1.8.3-1ubuntu1 |
| hardy | DNE | |
| karmic | not-affected | 6b18-1.8.4-0ubuntu1~9.10.1 |
| lucid | released | 6b18-1.8.3-0ubuntu1~10.04.1 |
| maverick | released | 6b18-1.8.3-0ubuntu1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | |
| devel | DNE | |
| hardy | not-affected | |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| upstream | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | not-affected | |
| karmic | not-affected | |
| lucid | not-affected | |
| maverick | not-affected | |
| upstream | not-affected |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
IcedTea 1.7.x before 1.7.6, 1.8.x before 1.8.3, and 1.9.x before 1.9.2, as based on OpenJDK 6, declares multiple sensitive variables as public, which allows remote attackers to obtain sensitive information including (1) user.name, (2) user.home, and (3) java.home system properties, and other sensitive information such as installation directories.
IcedTea 1.7.x before 1.7.6, 1.8.x before 1.8.3, and 1.9.x before 1.9.2, as based on OpenJDK 6, declares multiple sensitive variables as public, which allows remote attackers to obtain sensitive information including (1) user.name, (2) user.home, and (3) java.home system properties, and other sensitive information such as installation directories.
IcedTea 1.7.x before 1.7.6, 1.8.x before 1.8.3, and 1.9.x before 1.9.2 ...
IcedTea 1.7.x before 1.7.6, 1.8.x before 1.8.3, and 1.9.x before 1.9.2, as based on OpenJDK 6, declares multiple sensitive variables as public, which allows remote attackers to obtain sensitive information including (1) user.name, (2) user.home, and (3) java.home system properties, and other sensitive information such as installation directories.
ELSA-2011-0176: java-1.6.0-openjdk security update (MODERATE)
EPSS
5 Medium
CVSS2