Veracode Vulnerability DatabaseVERACODE:23754Information Disclosure
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
openjdk is vulnerable to information disclosure. Several potential information leaks were found in various mutable static variables. These could be exploited in application scenarios that execute untrusted scripting code.
References
blogs.sun.com/security/entry/advance_notification_of_security_updates5
java.sun.com/j2se/1.5.0/ReleaseNotes.html
java.sun.com/javase/6/webnotes/6u15.html
lists.apple.com/archives/security-announce/2009/Sep/msg00000.html
lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
secunia.com/advisories/36162
secunia.com/advisories/36176
secunia.com/advisories/36180
secunia.com/advisories/36199
secunia.com/advisories/37386
security.gentoo.org/glsa/glsa-200911-02.xml
sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1
sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1
www.mandriva.com/security/advisories?name=MDVSA-2009:209
www.redhat.com/security/updates/classification/#important
www.vupen.com/english/advisories/2009/2543
access.redhat.com/errata/RHSA-2009:1201
bugzilla.redhat.com/show_bug.cgi?id=513215
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10221
rhn.redhat.com/errata/RHSA-2009-1199.html
rhn.redhat.com/errata/RHSA-2009-1200.html
rhn.redhat.com/errata/RHSA-2009-1201.html
www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html
www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html
Related
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N