Vulnerabilities

CVE-2009-2689

by Fred · 10/08/2009

JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application.

Date published : 2009-08-10

http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html

http://java.sun.com/j2se/1.5.0/ReleaseNotes.html

Similar

Tags: Cybersecurity Alert