Unspecified vulnerability in the Java Runtime Environment (JRE) component
in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has
no impact and remote attack vectors involving AWT and βa security-in-depth
issue that is not directly exploitable but which can be used to aggravate
security vulnerabilities that can be directly exploited.β NOTE: this
identifier was assigned by the Oracle CNA, but CVE is not intended to cover
defense-in-depth issues that are only exposed by the presence of other
vulnerabilities. NOTE: Oracle has not commented on claims from a
downstream vendor that this issue is related to βtoolkit internals
references.β
Notes
Author |
Note |
mdeslaur |
in lucid+, NetX and the plugin moved to the icedtea-web package |
sbeattie |
openjdk-6 armel in lucid and natty need FTBFS fixed |