CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
Percentile
76.9%
The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun
Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not
properly restrict the objects that may be sent to loggers, which allows
attackers to obtain sensitive information via vectors related to the
implementation of Component, KeyboardFocusManager, and
DefaultKeyboardFocusManager, aka Bug Id 6664512.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 8.04 | noarch | openjdk-6 | < 6b18-1.8.2-4ubuntu1~8.04.1 | UNKNOWN |
ubuntu | 8.10 | noarch | openjdk-6 | < 6b12-0ubuntu6.6 | UNKNOWN |
ubuntu | 9.04 | noarch | openjdk-6 | < 6b14-1.4.1-0ubuntu12 | UNKNOWN |
ubuntu | 9.10 | noarch | openjdk-6 | < 6b16-1.6.1-3ubuntu1 | UNKNOWN |
ubuntu | 8.04 | noarch | sun-java6 | < 6.20dlj-0ubuntu1.8.04 | UNKNOWN |
ubuntu | 9.04 | noarch | sun-java6 | < 6.20dlj-0ubuntu1.9.04 | UNKNOWN |
ubuntu | 9.10 | noarch | sun-java6 | < 6.20dlj-0ubuntu1.9.10 | UNKNOWN |
ubuntu | 10.04 | noarch | sun-java6 | < 6.20dlj-1ubuntu3 | UNKNOWN |