CVE-2009-2476

2009-08-10T00:00:00
ID UB:CVE-2009-2476
Type ubuntucve
Reporter ubuntu.com
Modified 2009-08-10T00:00:00

Description

The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by leveraging finalizer resurrection to obtain a reference to a privileged object.

Bugs

  • <https://bugzilla.redhat.com/show_bug.cgi?id=513220>