OpenJDK Swing timer-based security manager bypass (6907662)

🗓️ 16 Mar 2011 12:36:00Reported by RedHatType

Unspecified Swing vulnerability in Java Runtime Environment lets remote untrusted Web Start apps and applets affect confidentiality, integrity, and availability in older releases.

Reporter	Title	Published	Views	Family All 136
Tenable Nessus	CentOS 5 : java-1.6.0-openjdk (CESA-2011:0281)	15 Apr 201100:00	–	nessus
Tenable Nessus	Debian DSA-2224-1 : openjdk-6 - several vulnerabilities	21 Apr 201100:00	–	nessus
Tenable Nessus	Fedora 13 : java-1.6.0-openjdk-1.6.0.0-50.1.8.7.fc13 (2011-1631)	17 Feb 201100:00	–	nessus
Tenable Nessus	Fedora 14 : java-1.6.0-openjdk-1.6.0.0-52.1.9.7.fc14 (2011-1645)	17 Feb 201100:00	–	nessus
Tenable Nessus	GLSA-201111-02 : Oracle JRE/JDK: Multiple vulnerabilities (BEAST)	7 Nov 201100:00	–	nessus
Tenable Nessus	GLSA-201406-32 : IcedTea JDK: Multiple vulnerabilities (BEAST) (ROBOT)	30 Jun 201400:00	–	nessus
Tenable Nessus	Mac OS X : Java for Mac OS X 10.5 Update 9	9 Mar 201100:00	–	nessus
Tenable Nessus	Mac OS X : Java for Mac OS X 10.6 Update 4	9 Mar 201100:00	–	nessus
Tenable Nessus	Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2011:054)	28 Mar 201100:00	–	nessus
Tenable Nessus	MiracleLinux 4 : java-1.6.0-openjdk-1.6.0.0-1.39.b17.AXS4 (AXSA:2011-61:02)	14 Jan 202600:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Red Hat Enterprise Linux	4	i386	java-1.6.0-ibm	1:1.6.0.9.1-1jpp.1.el4	java-1.6.0-ibm-1:1.6.0.9.1-1jpp.1.el4.i386.rpm
Red Hat Enterprise Linux	4	ppc	java-1.6.0-ibm	1:1.6.0.9.1-1jpp.1.el4	java-1.6.0-ibm-1:1.6.0.9.1-1jpp.1.el4.ppc.rpm
Red Hat Enterprise Linux	4	ppc64	java-1.6.0-ibm	1:1.6.0.9.1-1jpp.1.el4	java-1.6.0-ibm-1:1.6.0.9.1-1jpp.1.el4.ppc64.rpm
Red Hat Enterprise Linux	4	s390	java-1.6.0-ibm	1:1.6.0.9.1-1jpp.1.el4	java-1.6.0-ibm-1:1.6.0.9.1-1jpp.1.el4.s390.rpm
Red Hat Enterprise Linux	4	s390x	java-1.6.0-ibm	1:1.6.0.9.1-1jpp.1.el4	java-1.6.0-ibm-1:1.6.0.9.1-1jpp.1.el4.s390x.rpm
Red Hat Enterprise Linux	4	x86_64	java-1.6.0-ibm	1:1.6.0.9.1-1jpp.1.el4	java-1.6.0-ibm-1:1.6.0.9.1-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux	5	i386	java-1.6.0-ibm	1:1.6.0.9.1-1jpp.1.el5	java-1.6.0-ibm-1:1.6.0.9.1-1jpp.1.el5.i386.rpm
Red Hat Enterprise Linux	5	ppc	java-1.6.0-ibm	1:1.6.0.9.1-1jpp.1.el5	java-1.6.0-ibm-1:1.6.0.9.1-1jpp.1.el5.ppc.rpm
Red Hat Enterprise Linux	5	ppc64	java-1.6.0-ibm	1:1.6.0.9.1-1jpp.1.el5	java-1.6.0-ibm-1:1.6.0.9.1-1jpp.1.el5.ppc64.rpm
Red Hat Enterprise Linux	5	s390	java-1.6.0-ibm	1:1.6.0.9.1-1jpp.1.el5	java-1.6.0-ibm-1:1.6.0.9.1-1jpp.1.el5.s390.rpm

Source	Link
access	www.access.redhat.com/security/cve/CVE-2010-4465
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
nvd	www.nvd.nist.gov/vuln/detail/CVE-2010-4465
cve	www.cve.org/CVERecord

21 Nov 2025 17:37Current

7.4High risk

Vulners AI Score7.4

CVSS 210

EPSS0.06495