| Revision Date: | 2013-04-29 | Version: | 12 | | Title: | The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not properly restrict the objects that may be sent to loggers, which allows attackers to obtain sensitive information via vectors related to the implementation of Component, KeyboardFocusManager, and DefaultKeyboardFocusManager, aka Bug Id 6664512. | | Description: | The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not properly restrict the objects that may be sent to loggers, which allows attackers to obtain sensitive information via vectors related to the implementation of Component, KeyboardFocusManager, and DefaultKeyboardFocusManager, aka Bug Id 6664512. | | Family: | unix | Class: | vulnerability | | Status: | ACCEPTED | Reference(s): | CVE-2009-3880
| | Platform(s): | CentOS Linux 5
Oracle Linux 5
Red Hat Enterprise Linux 5
| Product(s): | | | Definition Synopsis | | RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5
OR The operating system installed on the system is CentOS Linux 5.x
OR Oracle Linux 5.x
AND Configuration section
java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.7.b09.el5
OR java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.7.b09.el5
OR java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.7.b09.el5
OR java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.7.b09.el5
OR java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.7.b09.el5
|
|