New Search

Sun Java Runtime Environment Java Plug-in signed applet unauthorized access

oval:org.mitre.oval:def:6585

The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier and 5.0 Update 17 and earlier allows remote attackers to trick a user into trusting a signed applet via unknown vectors that misrepresent the security warning dialog related to a "Swing JLabel HTML parsing vulnerability" aka CR 6782871.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • VMWare ESX Server 3.5
  • VMWare ESX Server 4.0
Class:
vulnerability
Reference(s):
  • CVE-2009-1107
Product(s):