VDB

ANCHORE-2009-2689

ANCHORE-2009-2689 PUBLISHED

JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application.

Affected Products

VendorProductVersions
SunJava1.5, 1.6, 5
SunOpenJDK1.5, 1.6, 5

Timeline

  • Aug 10, 2009 CVE Published
  • Aug 7, 2024 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›