Design/Logic Flaw

2011-02-1719:00:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

High

3.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

38.4%

JSON

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.2_29 and earlier for Solaris and Linux allows local standalone applications to affect confidentiality, integrity, and availability via unknown vectors related to Launcher. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is an untrusted search path vulnerability involving an empty LD_LIBRARY_PATH environment variable.

CPENameOperatorVersion
jdkeq1.6.0 update-4
jdkeq1.6.0 update-7
jdkeq1.6.0 update-19
jdkeq1.6.0 update-13
jdkeq1.6.0 update-3
jdkeq1.6.0 update-22
jdkeq1.6.0 update-11
jdkeq1.6.0 update-10
jdkeq1.6.0 update-14
jdkeq1.6.0

Name	Operator	Version
jdk	eq	1.6.0 update-4
jdk	eq	1.6.0 update-7
jdk	eq	1.6.0 update-19
jdk	eq	1.6.0 update-13
jdk	eq	1.6.0 update-3
jdk	eq	1.6.0 update-22
jdk	eq	1.6.0 update-11
jdk	eq	1.6.0 update-10
jdk	eq	1.6.0 update-14
jdk	eq	1.6.0