New Search

OpenJDK Resurrected Classloaders Can Still Have Children

oval:org.mitre.oval:def:6906

Sun Java SE 5.0 before Update 22 and 6 before Update 17 and OpenJDK does not prevent the existence of children of a resurrected ClassLoader which allows remote attackers to gain privileges via unspecified vectors related to an "information leak vulnerability" aka Bug Id 6636650.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • VMWare ESX Server 4.0
Class:
vulnerability
Reference(s):
  • CVE-2009-3881
Product(s):