5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
openjdk is vulnerable to information disclosure. An information disclosure flaw was found in the way private Java variables were handled. An untrusted applet or application could use this flaw to obtain information from variables that would otherwise be private.
blogs.sun.com/security/entry/advance_notification_of_security_updates5
java.sun.com/javase/6/webnotes/6u15.html
lists.apple.com/archives/security-announce/2009/Sep/msg00000.html
lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
secunia.com/advisories/36162
secunia.com/advisories/36176
secunia.com/advisories/36180
secunia.com/advisories/37386
security.gentoo.org/glsa/glsa-200911-02.xml
sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1
www.mandriva.com/security/advisories?name=MDVSA-2009:209
www.redhat.com/security/updates/classification/#important
www.vupen.com/english/advisories/2009/2543
access.redhat.com/errata/RHSA-2009:1201
bugzilla.redhat.com/show_bug.cgi?id=513223
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9443
rhn.redhat.com/errata/RHSA-2009-1200.html
rhn.redhat.com/errata/RHSA-2009-1201.html
www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html
www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html