Oval Definition:	oval:org.mitre.oval:def:6619
Revision Date: 2014-01-20 Version: 5 Title: Sun Java Runtime Environment Java Plug-in crossdomain.xml information disclosure Description: The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 does not properly parse crossdomain.xml files, which allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unknown vectors, aka CR 6798948. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2009-1106 Platform(s): VMWare ESX Server 3.5 VMWare ESX Server 4.0 Product(s): Definition Synopsis VMware ESX Server 3.5.0 VMware ESX Server 3.5.0 is installed AND Patch ESX350-200910403-SG is not installed OR VMware ESX Server 4.0 VMware ESX Server 4.0 is installed AND Patch ESX400-200911223-UG is not installed
BACK