Oval Definition:oval:org.mitre.oval:def:9359
Revision Date:2013-04-29Version:12
Title:The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted (1) applets and (2) Java Web Start applications, which allows remote attackers to hijack web sessions via unspecified vectors.
Description:The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted (1) applets and (2) Java Web Start applications, which allows remote attackers to hijack web sessions via unspecified vectors.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2009-2672
Platform(s):CentOS Linux 5
Oracle Linux 5
Red Hat Enterprise Linux 5
Product(s):
Definition Synopsis
  • RHEL5, CentOS5 or Oracle Linux 5
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • OR Oracle Linux 5.x
  • AND Configuration section
  • java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-1.2.b09.el5
  • OR java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-1.2.b09.el5
  • OR java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-1.2.b09.el5
  • OR java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-1.2.b09.el5
  • OR java-1.6.0-openjdk is earlier than 1:1.6.0.0-1.2.b09.el5
    • BACK