4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
76.0%
Unspecified vulnerability in the Java Runtime Environment (JRE) component
in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0
Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted
Java Web Start applications and untrusted Java applets to affect integrity
via unknown vectors related to CORBA.
Author | Note |
---|---|
mdeslaur | in natty+, NetX and the plugin moved to the icedtea-web package |
sbeattie | red hat description: It was discovered that the CORBA (Common Object Request Broker Architecture) implementation in Java did not properly protect repository identifiers on certain CORBA objects. This could have been used to modify immutable object data. |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | openjdk-6 | < 6b20-1.9.13-0ubuntu1~10.04.1 | UNKNOWN |
ubuntu | 10.10 | noarch | openjdk-6 | < 6b20-1.9.13-0ubuntu1~10.10.1 | UNKNOWN |
ubuntu | 11.04 | noarch | openjdk-6 | < 6b22-1.10.6-0ubuntu1 | UNKNOWN |
ubuntu | 11.10 | noarch | openjdk-6 | < 6b23~pre11-0ubuntu1.11.10.2 | UNKNOWN |
ubuntu | 10.04 | noarch | openjdk-6b18 | < 6b18-1.8.13-0ubuntu1~10.04.1 | UNKNOWN |
ubuntu | 10.10 | noarch | openjdk-6b18 | < 6b18-1.8.13-0ubuntu1~10.10.1 | UNKNOWN |
ubuntu | 11.04 | noarch | openjdk-6b18 | < 6b18-1.8.13-0ubuntu1~11.04.1 | UNKNOWN |
ubuntu | 11.10 | noarch | openjdk-7 | < 7u9-2.3.3-0ubuntu1~11.10.1 | UNKNOWN |