OVAL Reference oval:org.opensuse.security:def:20091104

Oval Definition:

oval:org.opensuse.security:def:20091104

Revision Date:	2022-05-20	Version:	1
Title:	CVE-2009-1104
Description:	The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; and 1.4.2_19 and earlier does not prevent Javascript that is loaded from the localhost from connecting to other ports on the system, which allows user-assisted attackers to bypass intended access restrictions via LiveConnect, aka CR 6724331. NOTE: this vulnerability can be leveraged with separate cross-site scripting (XSS) vulnerabilities for remote attack vectors.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2009-1104 Mitre CVE-2009-1104 SUSE CVE-2009-1104 SUSE-SA:2009:016 SUSE-SA:2009:016 SUSE-SA:2009:029 SUSE-SA:2009:029 SUSE-SA:2009:036 SUSE-SA:2009:036 SUSE-SR:2009:011 SUSE-SR:2009:011
Platform(s):	Open Enterprise Server openSUSE 10.3 openSUSE 11.0 openSUSE 11.1 sles10-ltss.i386 sles10-ltss.s390x sles10-ltss.x86_64 SUSE Linux Enterprise Desktop 11 GA SUSE Linux Enterprise SDK 11 GA SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 GA SUSE Linux Enterprise Server for SAP Applications 11	Product(s):
Definition Synopsis
sles10-ltss is installed AND Package Information java-1_5_0-ibm-32bit less than 1.5.0_sr9-2.2.2 OR java-1_5_0-ibm-alsa-32bit less than 1.5.0_sr9-2.2.2 OR java-1_5_0-ibm-alsa less than 1.5.0_sr9-2.2.2 OR java-1_5_0-ibm-devel-32bit less than 1.5.0_sr9-2.2.2 OR java-1_5_0-ibm-devel less than 1.5.0_sr9-2.2.2 OR java-1_5_0-ibm-fonts less than 1.5.0_sr9-2.2.2 OR java-1_5_0-ibm-jdbc less than 1.5.0_sr9-2.2.2 OR java-1_5_0-ibm-plugin less than 1.5.0_sr9-2.2.2 OR java-1_5_0-ibm less than 1.5.0_sr9-2.2.2
Definition Synopsis
SUSE Linux Enterprise Server 11 is installed AND Package Information java-1_6_0-ibm-1.6.0-124.7 is installed OR java-1_6_0-ibm-alsa-1.6.0-124.6 is installed OR java-1_6_0-ibm-alsa-x86-1.6.0-124.7 is installed OR java-1_6_0-ibm-fonts-1.6.0-124.7 is installed OR java-1_6_0-ibm-jdbc-1.6.0-124.7 is installed OR java-1_6_0-ibm-plugin-1.6.0-124.6 is installed OR java-1_6_0-ibm-x86-1.6.0-124.7 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 is installed AND Package Information java-1_6_0-ibm-1.6.0-124.7.1 is installed OR java-1_6_0-ibm-alsa-1.6.0-124.7.1 is installed OR java-1_6_0-ibm-alsa-x86-1.6.0-124.7.1 is installed OR java-1_6_0-ibm-fonts-1.6.0-124.7.1 is installed OR java-1_6_0-ibm-jdbc-1.6.0-124.7.1 is installed OR java-1_6_0-ibm-plugin-1.6.0-124.7.1 is installed OR java-1_6_0-ibm-x86-1.6.0-124.7.1 is installed

BACK