New Search

JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15 and OpenJDK grants full privileges to instances of unspecified object types which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application.

oval:org.mitre.oval:def:9603

JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15 and OpenJDK grants full privileges to instances of unspecified object types which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 5
  • CentOS Linux 5
  • Oracle Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2009-2689
Product(s):