Oval Definition:oval:org.opensuse.security:def:20093728
Revision Date:2015-11-16Version:1
Title:CVE-2009-3728
Description:
Directory traversal vulnerability in the ICC_Profile.getInstance method in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local International Color Consortium (ICC) profile files via a .. (dot dot) in a pathname, aka Bug Id 6631533.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2009-3728
Platform(s):openSUSE 11.0
openSUSE 11.1
openSUSE 11.2
Product(s):
Definition Synopsis
  • Release Information
  • suse110 is installed
  • AND
  • java-1_6_0-openjdk-demo less than 1.6.2_b16-0.1
  • OR java-1_6_0-openjdk-devel less than 1.6.2_b16-0.1
  • OR java-1_6_0-openjdk-javadoc less than 1.6.2_b16-0.1
  • OR java-1_6_0-openjdk-plugin less than 1.6.2_b16-0.1
  • OR java-1_6_0-openjdk-src less than 1.6.2_b16-0.1
  • OR java-1_6_0-openjdk less than 1.6.2_b16-0.1
  • OR Package Information
  • suse111 is installed
  • AND
  • java-1_6_0-openjdk-demo less than 1.6.2_b16-0.1.1
  • OR java-1_6_0-openjdk-devel less than 1.6.2_b16-0.1.1
  • OR java-1_6_0-openjdk-javadoc less than 1.6.2_b16-0.1.1
  • OR java-1_6_0-openjdk-plugin less than 1.6.2_b16-0.1.1
  • OR java-1_6_0-openjdk-src less than 1.6.2_b16-0.1.1
  • OR java-1_6_0-openjdk less than 1.6.2_b16-0.1.1
  • OR Package Information
  • suse112 is installed
  • AND
  • java-1_6_0-openjdk-demo less than 1.6.0.0_b16-5.8.1
  • OR java-1_6_0-openjdk-devel less than 1.6.0.0_b16-5.8.1
  • OR java-1_6_0-openjdk-javadoc less than 1.6.0.0_b16-5.8.1
  • OR java-1_6_0-openjdk-plugin less than 1.6.0.0_b16-5.8.1
  • OR java-1_6_0-openjdk-src less than 1.6.0.0_b16-5.8.1
  • OR java-1_6_0-openjdk less than 1.6.0.0_b16-5.8.1
    • BACK