10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.011 Low
EPSS
Percentile
84.4%
Unspecified vulnerability in the Java Runtime Environment component in
Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and
earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start
applications and untrusted Java applets to affect confidentiality,
integrity, and availability via unknown vectors related to Swing.
Author | Note |
---|---|
mdeslaur | in natty+, NetX and the plugin moved to the icedtea-web package |
sbeattie | appears to affect only sun-java6 |