7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
java is vulnerable to arbitrary code execution. The vulnerability exists as potential information leaks were found in various mutable static variables. These could be exploited in application scenarios that execute untrusted scripting code.
blogs.sun.com/security/entry/advance_notification_of_security_updates6
java.sun.com/j2se/1.5.0/ReleaseNotes.html
java.sun.com/javase/6/webnotes/6u17.html
secunia.com/advisories/37386
security.gentoo.org/glsa/glsa-200911-02.xml
www.mandriva.com/security/advisories?name=MDVSA-2010:084
www.redhat.com/security/updates/classification/#important
access.redhat.com/errata/RHSA-2009:1584
bugzilla.redhat.com/show_bug.cgi?id=530175
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10191
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6968