CVSS2: 10 High
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Java is vulnerable to arbitrary code execution. Several buffer overflow flaws were found in the Java Runtime Environment unpack200 functionality. An untrusted applet could extend its privileges, allowing it to read and write local files, as well as to execute local applications with the privileges of the user running the applet.
blogs.sun.com/security/entry/advance_notification_of_security_updates4
h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133
lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html
lists.opensuse.org/opensuse-security-announce/2009-05/msg00003.html
lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html
marc.info/?l=bugtraq&m=124344236532162&w=2
secunia.com/advisories/34489
secunia.com/advisories/34495
secunia.com/advisories/34496
secunia.com/advisories/34632
secunia.com/advisories/34675
secunia.com/advisories/35156
secunia.com/advisories/35223
secunia.com/advisories/35255
secunia.com/advisories/35416
secunia.com/advisories/36185
secunia.com/advisories/37386
secunia.com/advisories/37460
security.gentoo.org/glsa/glsa-200911-02.xml
sunsolve.sun.com/search/document.do?assetkey=1-21-125137-14-1
sunsolve.sun.com/search/document.do?assetkey=1-26-254570-1
sunsolve.sun.com/search/document.do?assetkey=1-77-1020225.1-1
support.avaya.com/elmodocs2/security/ASA-2009-108.htm
support.avaya.com/elmodocs2/security/ASA-2009-109.htm
www.debian.org/security/2009/dsa-1769
www.mandriva.com/security/advisories?name=MDVSA-2009:137
www.mandriva.com/security/advisories?name=MDVSA-2009:162
www.redhat.com/security/updates/classification/#important
www.redhat.com/support/errata/RHSA-2009-0392.html
www.redhat.com/support/errata/RHSA-2009-0394.html
www.redhat.com/support/errata/RHSA-2009-1038.html
www.securityfocus.com/archive/1/507985/100/0/threaded
www.securityfocus.com/bid/34240
www.securitytracker.com/id?1021894
www.ubuntu.com/usn/usn-748-1
www.vmware.com/security/advisories/VMSA-2009-0016.html
www.vupen.com/english/advisories/2009/1426
www.vupen.com/english/advisories/2009/3316
access.redhat.com/errata/RHSA-2009:0377
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6659
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8844
rhn.redhat.com/errata/RHSA-2009-0377.html
rhn.redhat.com/errata/RHSA-2009-1198.html