java-1.6.0-openjdk: multiple vulnerabilities

Package(s): java-1.6.0-openjdk
CVE #(s): CVE-2009-2475 CVE-2009-2476 CVE-2009-2625 CVE-2009-2670 CVE-2009-2671 CVE-2009-2672 CVE-2009-2673 CVE-2009-2674 CVE-2009-2675 CVE-2009-2689 CVE-2009-2690 CVE-2009-1896
Created: August 7, 2009
Updated: November 30, 2009
Description: From the Fedora advisory:

CVE-2009-2475 OpenJDK information leaks in mutable variables

CVE-2009-2476 OpenJDK OpenType checks can be bypassed

CVE-2009-2625 OpenJDK XML parsing Denial-Of-Service

CVE-2009-2670 OpenJDK Untrusted applet System properties access

CVE-2009-2671 CVE-2009-2672 OpenJDK Proxy mechanism information leaks

CVE-2009-2673 OpenJDK proxy mechanism allows non-authorized socket connections

CVE-2009-2674 Java Web Start Buffer JPEG processing integer overflow

CVE-2009-2675 Java Web Start Buffer unpack200 processing integer overflow

CVE-2009-2689 OpenJDK JDK13Services grants unnecessary privileges

CVE-2009-2690 OpenJDK private variable information disclosure

CVE-2009-1896 openjdk/netx grants privileges for signed jars to bundled unsigned jars

Alerts:
Mandriva MDVSA-2009:217-1 2009-08-23
Mandriva MDVSA-2009:217-2 2009-10-08
SuSE SUSE-SR:2009:014 2009-09-01
Red Hat RHSA-2009:1236-01 2009-08-28
Mandriva MDVSA-2009:209 2009-08-21
Ubuntu USN-814-1 2009-08-11
CentOS CESA-2009:1201 2009-08-08
SuSE SUSE-SA:2009:043 2009-08-07
Red Hat RHSA-2009:1201-01 2009-08-06
Red Hat RHSA-2009:1200-01 2009-08-06
Red Hat RHSA-2009:1199-01 2009-08-06
Fedora FEDORA-2009-8337 2009-08-07
Fedora FEDORA-2009-8329 2009-08-07
SuSE SUSE-SA:2009:053 2009-11-04
SuSE SUSE-SR:2009:017 2009-10-26
Gentoo 200911-02 2009-11-17
Red Hat RHSA-2009:1582-01 2009-11-12
SuSE SUSE-SR:2009:016 2009-10-13

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds