10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.022 Low
EPSS
Percentile
89.3%
Unspecified vulnerability in the Java Runtime Environment (JRE) component
in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier,
allows remote attackers to affect confidentiality, integrity, and
availability via unknown vectors related to 2D.
Author | Note |
---|---|
mdeslaur | in natty+, NetX and the plugin moved to the icedtea-web package |
sbeattie | red hat description: It was discovered that Java2D did not properly check graphics rendering objects before passing them to the native renderer. Malicious input, or an untrusted Java application or applet could use this flaw to crash the Java Virtual Machine (JVM), or bypass Java sandbox restrictions. |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | openjdk-6 | <ย 6b20-1.9.13-0ubuntu1~10.04.1 | UNKNOWN |
ubuntu | 10.10 | noarch | openjdk-6 | <ย 6b20-1.9.13-0ubuntu1~10.10.1 | UNKNOWN |
ubuntu | 11.04 | noarch | openjdk-6 | <ย 6b22-1.10.6-0ubuntu1 | UNKNOWN |
ubuntu | 11.10 | noarch | openjdk-6 | <ย 6b23~pre11-0ubuntu1.11.10.2 | UNKNOWN |
ubuntu | 10.04 | noarch | openjdk-6b18 | <ย 6b18-1.8.13-0ubuntu1~10.04.1 | UNKNOWN |
ubuntu | 10.10 | noarch | openjdk-6b18 | <ย 6b18-1.8.13-0ubuntu1~10.10.1 | UNKNOWN |
ubuntu | 11.04 | noarch | openjdk-6b18 | <ย 6b18-1.8.13-0ubuntu1~11.04.1 | UNKNOWN |
ubuntu | 11.10 | noarch | openjdk-7 | <ย 7u9-2.3.3-0ubuntu1~11.10.1 | UNKNOWN |