rhsa-2009:0392
Vulnerability from csaf_redhat
Published
2009-03-26 16:03
Modified
2024-11-14 10:07
Summary
Red Hat Security Advisory: java-1.6.0-sun security update
Notes
Topic
Updated java-1.6.0-sun packages that correct several security issues are
now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and
the Sun Java 6 Software Development Kit.
This update fixes several vulnerabilities in the Sun Java 6 Runtime
Environment and the Sun Java 6 Software Development Kit. These
vulnerabilities are summarized on the "Advance notification of Security
Updates for Java SE" page from Sun Microsystems, listed in the References
section. (CVE-2006-2426, CVE-2009-1093, CVE-2009-1094, CVE-2009-1095,
CVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099, CVE-2009-1100,
CVE-2009-1101, CVE-2009-1102, CVE-2009-1103, CVE-2009-1104, CVE-2009-1105,
CVE-2009-1106, CVE-2009-1107)
Users of java-1.6.0-sun should upgrade to these updated packages, which
correct these issues. All running instances of Sun Java must be restarted
for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated java-1.6.0-sun packages that correct several security issues are\nnow available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.", title: "Topic", }, { category: "general", text: "The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and\nthe Sun Java 6 Software Development Kit.\n\nThis update fixes several vulnerabilities in the Sun Java 6 Runtime\nEnvironment and the Sun Java 6 Software Development Kit. These\nvulnerabilities are summarized on the \"Advance notification of Security\nUpdates for Java SE\" page from Sun Microsystems, listed in the References\nsection. (CVE-2006-2426, CVE-2009-1093, CVE-2009-1094, CVE-2009-1095,\nCVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099, CVE-2009-1100,\nCVE-2009-1101, CVE-2009-1102, CVE-2009-1103, CVE-2009-1104, CVE-2009-1105,\nCVE-2009-1106, CVE-2009-1107)\n\nUsers of java-1.6.0-sun should upgrade to these updated packages, which\ncorrect these issues. All running instances of Sun Java must be restarted\nfor the update to take effect.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2009:0392", url: "https://access.redhat.com/errata/RHSA-2009:0392", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#critical", url: "https://access.redhat.com/security/updates/classification/#critical", }, { category: "external", summary: "http://blogs.sun.com/security/entry/advance_notification_of_security_updates4", url: "http://blogs.sun.com/security/entry/advance_notification_of_security_updates4", }, { category: "external", summary: "395481", url: "https://bugzilla.redhat.com/show_bug.cgi?id=395481", }, { category: "external", summary: "490166", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490166", }, { category: "external", summary: "490167", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490167", }, { category: "external", summary: "490168", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490168", }, { category: "external", summary: "490169", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490169", }, { category: "external", summary: "490172", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490172", }, { category: "external", summary: "490174", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490174", }, { category: "external", summary: "490178", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490178", }, { category: "external", summary: "492302", url: "https://bugzilla.redhat.com/show_bug.cgi?id=492302", }, { category: "external", summary: "492305", url: "https://bugzilla.redhat.com/show_bug.cgi?id=492305", }, { category: "external", summary: "492306", url: "https://bugzilla.redhat.com/show_bug.cgi?id=492306", }, { category: "external", summary: "492308", url: "https://bugzilla.redhat.com/show_bug.cgi?id=492308", }, { category: "external", summary: "492309", url: "https://bugzilla.redhat.com/show_bug.cgi?id=492309", }, { category: "external", summary: "492310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=492310", }, { category: "external", summary: "492312", url: "https://bugzilla.redhat.com/show_bug.cgi?id=492312", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_0392.json", }, ], title: "Red Hat Security Advisory: java-1.6.0-sun security update", tracking: { current_release_date: "2024-11-14T10:07:22+00:00", generator: { date: "2024-11-14T10:07:22+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.0", }, }, id: "RHSA-2009:0392", initial_release_date: "2009-03-26T16:03:00+00:00", revision_history: [ { date: "2009-03-26T16:03:00+00:00", number: "1", summary: "Initial version", }, { date: "2009-03-26T12:03:31+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-14T10:07:22+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product: { name: "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_extras:5::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Supplementary (v. 5)", product: { name: "Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_extras:5::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux AS version 4 Extras", product: { name: "Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_extras:4", }, }, }, { category: "product_name", name: "Red Hat Desktop version 4 Extras", product: { name: "Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_extras:4", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES version 4 Extras", product: { name: "Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_extras:4", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux WS version 4 Extras", product: { name: "Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_extras:4", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux Supplementary", }, { branches: [ { category: "product_version", name: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", product: { name: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", product_id: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.13-1jpp.1.el5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", product: { name: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", product_id: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.13-1jpp.1.el5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", product: { name: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", product_id: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.13-1jpp.1.el5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", product: { name: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", product_id: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.13-1jpp.1.el5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", product: { name: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", product_id: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.13-1jpp.1.el5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", product: { name: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", product_id: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.13-1jpp.1.el5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", product: { name: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", product_id: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.13-1jpp.1.el4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", product: { name: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", product_id: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.13-1jpp.1.el4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", product: { name: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", product_id: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.13-1jpp.1.el4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", product: { name: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", product_id: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.13-1jpp.1.el4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", product: { name: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", product_id: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.13-1jpp.1.el4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", product: { name: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", product_id: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.13-1jpp.1.el4?arch=x86_64&epoch=1", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", product: { name: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", product_id: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.13-1jpp.1.el5?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", product: { name: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", product_id: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.13-1jpp.1.el5?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", product: { name: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", product_id: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.13-1jpp.1.el5?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", product: { name: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", product_id: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.13-1jpp.1.el5?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", product: { name: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", product_id: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.13-1jpp.1.el5?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", product: { name: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", product_id: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.13-1jpp.1.el5?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", product: { name: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", product_id: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.13-1jpp.1.el4?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", product: { name: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", product_id: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.13-1jpp.1.el4?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", product: { name: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", product_id: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.13-1jpp.1.el4?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", product: { name: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", product_id: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.13-1jpp.1.el4?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", product: { name: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", product_id: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.13-1jpp.1.el4?arch=i586&epoch=1", }, }, }, { category: "product_version", name: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", product: { name: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", product_id: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", product_identification_helper: { purl: "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.13-1jpp.1.el4?arch=i586&epoch=1", }, }, }, ], category: "architecture", name: "i586", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", product_id: "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4AS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", product_id: "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4Desktop-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", product_id: "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4ES-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", product_id: "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", relates_to_product_reference: "4WS-LACD", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", }, product_reference: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", }, product_reference: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", product_id: "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", relates_to_product_reference: "5Client-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", }, product_reference: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", }, product_reference: "java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", }, product_reference: "java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", }, product_reference: "java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", }, product_reference: "java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", }, product_reference: "java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", relates_to_product_reference: "5Server-Supplementary", }, { category: "default_component_of", full_product_name: { name: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", product_id: "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", }, product_reference: "java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", relates_to_product_reference: "5Server-Supplementary", }, ], }, vulnerabilities: [ { cve: "CVE-2006-2426", discovery_date: "2007-11-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "395481", }, ], notes: [ { category: "description", text: "Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 and earlier, and SDK 1.5.0_6 and earlier allows remote attackers to cause a denial of service (disk consumption) by using the Font.createFont function to create temporary files of arbitrary size in the %temp% directory.", title: "Vulnerability description", }, { category: "summary", text: "Untrusted applet causes DoS by filling up disk space", title: "Vulnerability summary", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2006-2426", }, { category: "external", summary: "RHBZ#395481", url: "https://bugzilla.redhat.com/show_bug.cgi?id=395481", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2006-2426", url: "https://www.cve.org/CVERecord?id=CVE-2006-2426", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2006-2426", url: "https://nvd.nist.gov/vuln/detail/CVE-2006-2426", }, ], release_date: "2006-05-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-03-26T16:03:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0392", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "Untrusted applet causes DoS by filling up disk space", }, { cve: "CVE-2009-1093", discovery_date: "2009-03-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "490167", }, ], notes: [ { category: "description", text: "LdapCtx in the LDAP service in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier does not close the connection when initialization fails, which allows remote attackers to cause a denial of service (LDAP service hang).", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK remote LDAP Denial-Of-Service (6717680)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1093", }, { category: "external", summary: "RHBZ#490167", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490167", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1093", url: "https://www.cve.org/CVERecord?id=CVE-2009-1093", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1093", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1093", }, ], release_date: "2009-03-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-03-26T16:03:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0392", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK remote LDAP Denial-Of-Service (6717680)", }, { cve: "CVE-2009-1094", discovery_date: "2009-03-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "490168", }, ], notes: [ { category: "description", text: "Unspecified vulnerability in the LDAP implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier allows remote LDAP servers to execute arbitrary code via unknown vectors related to serialized data.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK LDAP client remote code execution (6737315)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1094", }, { category: "external", summary: "RHBZ#490168", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490168", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1094", url: "https://www.cve.org/CVERecord?id=CVE-2009-1094", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1094", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1094", }, ], release_date: "2009-03-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-03-26T16:03:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0392", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "OpenJDK LDAP client remote code execution (6737315)", }, { cve: "CVE-2009-1095", discovery_date: "2009-03-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "490169", }, ], notes: [ { category: "description", text: "Integer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK Pack200 Buffer overflow vulnerability (6792554)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1095", }, { category: "external", summary: "RHBZ#490169", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490169", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1095", url: "https://www.cve.org/CVERecord?id=CVE-2009-1095", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1095", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1095", }, ], release_date: "2009-03-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-03-26T16:03:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0392", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "OpenJDK Pack200 Buffer overflow vulnerability (6792554)", }, { cve: "CVE-2009-1096", discovery_date: "2009-03-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "490169", }, ], notes: [ { category: "description", text: "Buffer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK Pack200 Buffer overflow vulnerability (6792554)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1096", }, { category: "external", summary: "RHBZ#490169", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490169", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1096", url: "https://www.cve.org/CVERecord?id=CVE-2009-1096", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1096", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1096", }, ], release_date: "2009-03-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-03-26T16:03:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0392", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "OpenJDK Pack200 Buffer overflow vulnerability (6792554)", }, { cve: "CVE-2009-1097", discovery_date: "2009-03-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "490174", }, ], notes: [ { category: "description", text: "Multiple buffer overflows in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via (1) a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen, aka CR 6804996; and (2) a crafted GIF image from which unspecified values are used in calculation of offsets, leading to object-pointer corruption, aka CR 6804997.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: PNG and GIF processing buffer overflow vulnerabilities (6804996, 6804997)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1097", }, { category: "external", summary: "RHBZ#490174", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490174", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1097", url: "https://www.cve.org/CVERecord?id=CVE-2009-1097", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1097", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1097", }, ], release_date: "2009-03-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-03-26T16:03:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0392", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "OpenJDK: PNG and GIF processing buffer overflow vulnerabilities (6804996, 6804997)", }, { cve: "CVE-2009-1098", discovery_date: "2009-03-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "490178", }, ], notes: [ { category: "description", text: "Buffer overflow in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers to access files or execute arbitrary code via a crafted GIF image, aka CR 6804998.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK GIF processing buffer overflow vulnerability (6804998)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1098", }, { category: "external", summary: "RHBZ#490178", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490178", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1098", url: "https://www.cve.org/CVERecord?id=CVE-2009-1098", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1098", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1098", }, ], release_date: "2009-03-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-03-26T16:03:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0392", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "OpenJDK GIF processing buffer overflow vulnerability (6804998)", }, { cve: "CVE-2009-1099", discovery_date: "2009-03-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "492302", }, ], notes: [ { category: "description", text: "Integer signedness error in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via crafted glyph descriptions in a Type1 font, which bypasses a signed comparison and triggers a buffer overflow.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: Type1 font processing buffer overflow vulnerability", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1099", }, { category: "external", summary: "RHBZ#492302", url: "https://bugzilla.redhat.com/show_bug.cgi?id=492302", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1099", url: "https://www.cve.org/CVERecord?id=CVE-2009-1099", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1099", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1099", }, ], release_date: "2009-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-03-26T16:03:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0392", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "OpenJDK: Type1 font processing buffer overflow vulnerability", }, { cve: "CVE-2009-1100", discovery_date: "2009-03-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "492305", }, ], notes: [ { category: "description", text: "Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allow remote attackers to cause a denial of service (disk consumption) via vectors related to temporary font files and (1) \"limits on Font creation,\" aka CR 6522586, and (2) another unspecified vector, aka CR 6632886.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: DoS (disk consumption) via handling of temporary font files", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1100", }, { category: "external", summary: "RHBZ#492305", url: "https://bugzilla.redhat.com/show_bug.cgi?id=492305", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1100", url: "https://www.cve.org/CVERecord?id=CVE-2009-1100", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1100", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1100", }, ], release_date: "2009-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-03-26T16:03:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0392", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "OpenJDK: DoS (disk consumption) via handling of temporary font files", }, { cve: "CVE-2009-1101", discovery_date: "2009-03-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "490166", }, ], notes: [ { category: "description", text: "Unspecified vulnerability in the lightweight HTTP server implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allows remote attackers to cause a denial of service (probably resource consumption) for a JAX-WS service endpoint via a connection without any data, which triggers a file descriptor \"leak.\"", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK JAX-WS service endpoint remote Denial-of-Service (6630639)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1101", }, { category: "external", summary: "RHBZ#490166", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490166", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1101", url: "https://www.cve.org/CVERecord?id=CVE-2009-1101", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1101", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1101", }, ], release_date: "2009-03-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-03-26T16:03:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0392", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK JAX-WS service endpoint remote Denial-of-Service (6630639)", }, { cve: "CVE-2009-1102", discovery_date: "2009-03-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "490172", }, ], notes: [ { category: "description", text: "Unspecified vulnerability in the Virtual Machine in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors related to \"code generation.\"", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK code generation vulnerability (6636360)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1102", }, { category: "external", summary: "RHBZ#490172", url: "https://bugzilla.redhat.com/show_bug.cgi?id=490172", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1102", url: "https://www.cve.org/CVERecord?id=CVE-2009-1102", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1102", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1102", }, ], release_date: "2009-03-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-03-26T16:03:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0392", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "OpenJDK code generation vulnerability (6636360)", }, { cve: "CVE-2009-1103", discovery_date: "2009-03-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "492306", }, ], notes: [ { category: "description", text: "Unspecified vulnerability in the Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors related to \"deserializing applets,\" aka CR 6646860.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: Files disclosure, arbitrary code execution via \"deserializing applets\" (6646860)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1103", }, { category: "external", summary: "RHBZ#492306", url: "https://bugzilla.redhat.com/show_bug.cgi?id=492306", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1103", url: "https://www.cve.org/CVERecord?id=CVE-2009-1103", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1103", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1103", }, ], release_date: "2009-03-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-03-26T16:03:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0392", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "OpenJDK: Files disclosure, arbitrary code execution via \"deserializing applets\" (6646860)", }, { cve: "CVE-2009-1104", discovery_date: "2009-03-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "492308", }, ], notes: [ { category: "description", text: "The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; and 1.4.2_19 and earlier does not prevent Javascript that is loaded from the localhost from connecting to other ports on the system, which allows user-assisted attackers to bypass intended access restrictions via LiveConnect, aka CR 6724331. NOTE: this vulnerability can be leveraged with separate cross-site scripting (XSS) vulnerabilities for remote attack vectors.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: Intended access restrictions bypass via LiveConnect (6724331)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1104", }, { category: "external", summary: "RHBZ#492308", url: "https://bugzilla.redhat.com/show_bug.cgi?id=492308", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1104", url: "https://www.cve.org/CVERecord?id=CVE-2009-1104", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1104", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1104", }, ], release_date: "2009-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-03-26T16:03:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0392", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "OpenJDK: Intended access restrictions bypass via LiveConnect (6724331)", }, { cve: "CVE-2009-1105", discovery_date: "2009-03-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "492309", }, ], notes: [ { category: "description", text: "The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 allows user-assisted remote attackers to cause a trusted applet to run in an older JRE version, which can be used to exploit vulnerabilities in that older version, aka CR 6706490.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: Possibility of trusted applet run in older, vulnerable version of JRE (6706490)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1105", }, { category: "external", summary: "RHBZ#492309", url: "https://bugzilla.redhat.com/show_bug.cgi?id=492309", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1105", url: "https://www.cve.org/CVERecord?id=CVE-2009-1105", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1105", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1105", }, ], release_date: "2009-03-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-03-26T16:03:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0392", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "OpenJDK: Possibility of trusted applet run in older, vulnerable version of JRE (6706490)", }, { cve: "CVE-2009-1106", discovery_date: "2009-03-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "492310", }, ], notes: [ { category: "description", text: "The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 does not properly parse crossdomain.xml files, which allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unknown vectors, aka CR 6798948.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: Improper parsing of crossdomain.xml files (intended access restriction bypass) (6798948)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1106", }, { category: "external", summary: "RHBZ#492310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=492310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1106", url: "https://www.cve.org/CVERecord?id=CVE-2009-1106", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1106", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1106", }, ], release_date: "2009-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-03-26T16:03:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0392", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "OpenJDK: Improper parsing of crossdomain.xml files (intended access restriction bypass) (6798948)", }, { cve: "CVE-2009-1107", discovery_date: "2009-03-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "492312", }, ], notes: [ { category: "description", text: "The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier, and 5.0 Update 17 and earlier, allows remote attackers to trick a user into trusting a signed applet via unknown vectors that misrepresent the security warning dialog, related to a \"Swing JLabel HTML parsing vulnerability,\" aka CR 6782871.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: Signed applet remote misuse possibility (6782871)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-1107", }, { category: "external", summary: "RHBZ#492312", url: "https://bugzilla.redhat.com/show_bug.cgi?id=492312", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-1107", url: "https://www.cve.org/CVERecord?id=CVE-2009-1107", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-1107", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-1107", }, ], release_date: "2009-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2009-03-26T16:03:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2009:0392", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.13-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.13-1jpp.1.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "OpenJDK: Signed applet remote misuse possibility (6782871)", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.