Lucene search
Ubuntu.comUB:CVE-2009-1896HistoryAug 10, 2009 - 12:00 a.m.
CVE-2009-1896
2009-08-1000:00:00
ubuntu.com
ubuntu.com
16
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
0.009
Percentile
82.4%
The Java Web Start framework in IcedTea in OpenJDK before
1.6.0.0-20.b16.fc10 on Fedora 10, and before 1.6.0.0-27.b16.fc11 on Fedora
11, trusts an entire application when at least one of the listed jar files
is trusted, which allows context-dependent attackers to execute arbitrary
code without the untrusted-code restrictions via a crafted application,
related to NetX.
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | openjdk specific |
Related
prion
prion
Code injection
2009-08-10 18:30:00
cve
cve
CVE-2009-1896
2009-08-10 18:30:00
nvd
nvd
CVE-2009-1896
2009-08-10 18:30:00
cvelist
cvelist
CVE-2009-1896
2009-08-10 18:00:00
nessus
nessus
openSUSE Security Update : java-1_6_0-openjdk (java-1_6_0-openjdk-1252)
2009-08-31 00:00:00
openSUSE Security Update : java-1_6_0-openjdk (java-1_6_0-openjdk-1252)
2009-08-31 00:00:00
Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2009:209)
2009-08-24 00:00:00
openvas
openvas
Mandrake Security Advisory MDVSA-2009:209 (java-1.6.0-openjdk)
2009-09-02 00:00:00
Mandrake Security Advisory MDVSA-2009:209 (java-1.6.0-openjdk)
2009-09-02 00:00:00
Fedora Core 10 FEDORA-2009-8337 (java-1.6.0-openjdk)
2009-08-17 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: java-1.6.0-openjdk-1.6.0.0-20.b16.fc10
2009-08-07 05:02:36
[SECURITY] Fedora 11 Update: java-1.6.0-openjdk-1.6.0.0-27.b16.fc11
2009-08-07 04:59:49
ubuntu
ubuntu
OpenJDK vulnerabilities
2009-08-11 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
0.009
Percentile
82.4%
Related for UB:CVE-2009-1896