rhsa-2009_1199
Vulnerability from csaf_redhat
Published
2009-08-06 20:38
Modified
2024-09-13 06:45
Summary
Red Hat Security Advisory: java-1.5.0-sun security update
Notes
Topic
Updated java-1.5.0-sun packages that correct several security issues are
now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
The Sun 1.5.0 Java release includes the Sun Java 5 Runtime Environment and
the Sun Java 5 Software Development Kit.
This update fixes several vulnerabilities in the Sun Java 5 Runtime
Environment and the Sun Java 5 Software Development Kit. These
vulnerabilities are summarized on the "Advance notification of Security
Updates for Java SE" page from Sun Microsystems, listed in the References
section. (CVE-2009-2475, CVE-2009-2625, CVE-2009-2670, CVE-2009-2671,
CVE-2009-2672, CVE-2009-2673, CVE-2009-2675, CVE-2009-2676, CVE-2009-2689)
Users of java-1.5.0-sun should upgrade to these updated packages, which
correct these issues. All running instances of Sun Java must be restarted
for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated java-1.5.0-sun packages that correct several security issues are\nnow available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The Sun 1.5.0 Java release includes the Sun Java 5 Runtime Environment and\nthe Sun Java 5 Software Development Kit.\n\nThis update fixes several vulnerabilities in the Sun Java 5 Runtime\nEnvironment and the Sun Java 5 Software Development Kit. These\nvulnerabilities are summarized on the \"Advance notification of Security\nUpdates for Java SE\" page from Sun Microsystems, listed in the References\nsection. (CVE-2009-2475, CVE-2009-2625, CVE-2009-2670, CVE-2009-2671,\nCVE-2009-2672, CVE-2009-2673, CVE-2009-2675, CVE-2009-2676, CVE-2009-2689)\n\nUsers of java-1.5.0-sun should upgrade to these updated packages, which\ncorrect these issues. All running instances of Sun Java must be restarted\nfor the update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2009:1199",
"url": "https://access.redhat.com/errata/RHSA-2009:1199"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://blogs.sun.com/security/entry/advance_notification_of_security_updates5",
"url": "http://blogs.sun.com/security/entry/advance_notification_of_security_updates5"
},
{
"category": "external",
"summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1"
},
{
"category": "external",
"summary": "512896",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512896"
},
{
"category": "external",
"summary": "512907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907"
},
{
"category": "external",
"summary": "512914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512914"
},
{
"category": "external",
"summary": "512920",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512920"
},
{
"category": "external",
"summary": "512921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921"
},
{
"category": "external",
"summary": "513215",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=513215"
},
{
"category": "external",
"summary": "513222",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=513222"
},
{
"category": "external",
"summary": "515890",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=515890"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2009/rhsa-2009_1199.json"
}
],
"title": "Red Hat Security Advisory: java-1.5.0-sun security update",
"tracking": {
"current_release_date": "2024-09-13T06:45:13+00:00",
"generator": {
"date": "2024-09-13T06:45:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2009:1199",
"initial_release_date": "2009-08-06T20:38:00+00:00",
"revision_history": [
{
"date": "2009-08-06T20:38:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2009-08-06T16:38:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T06:45:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"product_id": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.20-1jpp.1.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.20-1jpp.1.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.20-1jpp.1.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"product_id": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.20-1jpp.1.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.20-1jpp.1.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.20-1jpp.1.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"product_id": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.20-1jpp.1.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.20-1jpp.1.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.20-1jpp.1.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"product_id": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.20-1jpp.1.el5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"product_id": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.20-1jpp.1.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.20-1jpp.1.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.20-1jpp.1.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"product": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"product_id": "java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-plugin@1.5.0.20-1jpp.1.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"product_id": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.20-1jpp.1.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.20-1jpp.1.el4?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"product": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"product_id": "java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-plugin@1.5.0.20-1jpp.1.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"product": {
"name": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"product_id": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-devel@1.5.0.20-1jpp.1.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"product": {
"name": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"product_id": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun@1.5.0.20-1jpp.1.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"product": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"product_id": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-jdbc@1.5.0.20-1jpp.1.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"product": {
"name": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"product_id": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-demo@1.5.0.20-1jpp.1.el5?arch=i586"
}
}
},
{
"category": "product_version",
"name": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"product": {
"name": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"product_id": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.5.0-sun-src@1.5.0.20-1jpp.1.el5?arch=i586"
}
}
}
],
"category": "architecture",
"name": "i586"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586"
},
"product_reference": "java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-2475",
"discovery_date": "2009-07-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "513215"
}
],
"notes": [
{
"category": "description",
"text": "Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to (1) LayoutQueue, (2) Cursor.predefined, (3) AccessibleResourceBundle.getContents, (4) ImageReaderSpi.STANDARD_INPUT_TYPE, (5) ImageWriterSpi.STANDARD_OUTPUT_TYPE, (6) the imageio plugins, (7) DnsContext.debug, (8) RmfFileReader/StandardMidiFileWriter.types, (9) AbstractSaslImpl.logger, (10) Synth.Region.uiToRegionMap/lowerCaseNameMap, (11) the Introspector class and a cache of BeanInfo, and (12) JAX-WS, a different vulnerability than CVE-2009-2673.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK information leaks in mutable variables (6588003,6656586,6656610,6656625,6657133,6657619,6657625,6657695,6660049,6660539,6813167)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2475"
},
{
"category": "external",
"summary": "RHBZ#513215",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=513215"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2475",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2475"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2475",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2475"
}
],
"release_date": "2009-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1199"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK information leaks in mutable variables (6588003,6656586,6656610,6656625,6657133,6657619,6657625,6657695,6660049,6660539,6813167)"
},
{
"cve": "CVE-2009-2625",
"discovery_date": "2009-07-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "512921"
}
],
"notes": [
{
"category": "description",
"text": "XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: XML parsing Denial-Of-Service (6845701)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2625"
},
{
"category": "external",
"summary": "RHBZ#512921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2625",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2625"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625"
}
],
"release_date": "2009-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1199"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: XML parsing Denial-Of-Service (6845701)"
},
{
"cve": "CVE-2009-2670",
"discovery_date": "2009-07-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "512896"
}
],
"notes": [
{
"category": "description",
"text": "The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by (1) untrusted applets and (2) Java Web Start applications, which allows context-dependent attackers to obtain sensitive information by reading these properties.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Untrusted applet System properties access (6738524)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2670"
},
{
"category": "external",
"summary": "RHBZ#512896",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512896"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2670",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2670"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2670",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2670"
}
],
"release_date": "2009-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1199"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK Untrusted applet System properties access (6738524)"
},
{
"cve": "CVE-2009-2671",
"discovery_date": "2009-07-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "512907"
}
],
"notes": [
{
"category": "description",
"text": "The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Proxy mechanism information leaks (6801071)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2671"
},
{
"category": "external",
"summary": "RHBZ#512907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2671",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2671"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2671",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2671"
}
],
"release_date": "2009-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1199"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK Proxy mechanism information leaks (6801071)"
},
{
"cve": "CVE-2009-2672",
"discovery_date": "2009-07-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "512907"
}
],
"notes": [
{
"category": "description",
"text": "The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted (1) applets and (2) Java Web Start applications, which allows remote attackers to hijack web sessions via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Proxy mechanism information leaks (6801071)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2672"
},
{
"category": "external",
"summary": "RHBZ#512907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2672",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2672"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2672",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2672"
}
],
"release_date": "2009-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1199"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK Proxy mechanism information leaks (6801071)"
},
{
"cve": "CVE-2009-2673",
"discovery_date": "2009-07-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "512914"
}
],
"notes": [
{
"category": "description",
"text": "The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unspecified vectors, related to a declaration that lacks the final keyword.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK proxy mechanism allows non-authorized socket connections (6801497)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2673"
},
{
"category": "external",
"summary": "RHBZ#512914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512914"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2673",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2673"
}
],
"release_date": "2009-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1199"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK proxy mechanism allows non-authorized socket connections (6801497)"
},
{
"cve": "CVE-2009-2675",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2009-07-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "512920"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in the unpack200 utility in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to a heap-based buffer overflow during decompression.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java Web Start Buffer unpack200 processing integer overflow (6830335)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2675"
},
{
"category": "external",
"summary": "RHBZ#512920",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512920"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2675",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2675"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2675",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2675"
}
],
"release_date": "2009-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1199"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "Java Web Start Buffer unpack200 processing integer overflow (6830335)"
},
{
"cve": "CVE-2009-2676",
"discovery_date": "2009-08-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "515890"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE 5.0 Update 19 and earlier; and Java SE for Business in SDK and JRE 1.4.2_21 and earlier; allows remote attackers to create or modify arbitrary files via vectors involving an untrusted Java applet that accesses an old version of JNLPAppletLauncher.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JRE applet launcher vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2676"
},
{
"category": "external",
"summary": "RHBZ#515890",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=515890"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2676",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2676"
}
],
"release_date": "2009-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1199"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JRE applet launcher vulnerability"
},
{
"cve": "CVE-2009-2689",
"discovery_date": "2009-07-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "513222"
}
],
"notes": [
{
"category": "description",
"text": "JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JDK13Services grants unnecessary privileges (6777448)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2689"
},
{
"category": "external",
"summary": "RHBZ#513222",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=513222"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2689",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2689"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2689",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2689"
}
],
"release_date": "2009-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1199"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK JDK13Services grants unnecessary privileges (6777448)"
},
{
"cve": "CVE-2009-2720",
"discovery_date": "2009-08-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "516823"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the javax.swing.plaf.synth.SynthContext.isSubregion method in the Swing implementation in Sun Java SE 6 before Update 15 allows context-dependent attackers to cause a denial of service (NullPointerException in the Jemmy library) via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK DoS with Swing Synthcontext implementation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2720"
},
{
"category": "external",
"summary": "RHBZ#516823",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516823"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2720",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2720"
}
],
"release_date": "2009-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1199"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "JDK DoS with Swing Synthcontext implementation"
},
{
"cve": "CVE-2009-2721",
"discovery_date": "2009-08-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "516826"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in the Provider class in Sun Java SE 5.0 before Update 20 have unknown impact and attack vectors, aka BugId 6406003.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK Multiple unspecified vulnerabilities in Provider class",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2721"
},
{
"category": "external",
"summary": "RHBZ#516826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516826"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2721",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2721"
}
],
"release_date": "2009-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1199"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "JDK Multiple unspecified vulnerabilities in Provider class"
},
{
"cve": "CVE-2009-2722",
"discovery_date": "2009-08-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "516829"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in the Provider class in Sun Java SE 5.0 before Update 20 have unknown impact and attack vectors, aka BugId 6429594. NOTE: this issue exists because of an incorrect fix for BugId 6406003.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK Multiple unspecified vulnerabilities in Provider class (incorrect fix)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2722"
},
{
"category": "external",
"summary": "RHBZ#516829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516829"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2722",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2722"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2722",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2722"
}
],
"release_date": "2009-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1199"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "JDK Multiple unspecified vulnerabilities in Provider class (incorrect fix)"
},
{
"cve": "CVE-2009-2723",
"discovery_date": "2009-08-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "516832"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in deserialization in the Provider class in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, aka BugId 6444262.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK unspecified deserialization in Provider class",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2723"
},
{
"category": "external",
"summary": "RHBZ#516832",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516832"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2723",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2723"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2723",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2723"
}
],
"release_date": "2009-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1199"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "JDK unspecified deserialization in Provider class"
},
{
"cve": "CVE-2009-2724",
"discovery_date": "2009-08-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "516834"
}
],
"notes": [
{
"category": "description",
"text": "Race condition in the java.lang package in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, related to a \"3Y Race condition in reflection checks.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK race condition vulnerability reflection checks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2724"
},
{
"category": "external",
"summary": "RHBZ#516834",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516834"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2724",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2724"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2724",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2724"
}
],
"release_date": "2009-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1199"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4AS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4AS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4Desktop-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4Desktop-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4ES-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4ES-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el4.x86_64",
"4WS-LACD:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.i586",
"4WS-LACD:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el4.x86_64",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Client-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Client-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-demo-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-devel-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-jdbc-0:1.5.0.20-1jpp.1.el5.x86_64",
"5Server-Supplementary:java-1.5.0-sun-plugin-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.i586",
"5Server-Supplementary:java-1.5.0-sun-src-0:1.5.0.20-1jpp.1.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK race condition vulnerability reflection checks"
}
]
}
Loading...