VDB
CVE-2010-4351
CVE-2010-4351
PUBLISHED
Reported by redhat · Published January 20, 2011
The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | *, n/a |
Timeline
- Jan 20, 2011 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- x_refsource_CONFIRM
- USN-1055-1 vendor-advisoryx_refsource_UBUNTU
- GLSA-201406-32 vendor-advisoryx_refsource_GENTOO
- FEDORA-2011-0521 vendor-advisoryx_refsource_FEDORA
- 45894 vdb-entryx_refsource_BID
- 43085 third-party-advisoryx_refsource_SECUNIA
- USN-1052-1 vendor-advisoryx_refsource_UBUNTU
- ADV-2011-0215 vdb-entryx_refsource_VUPEN
- 70605 vdb-entryx_refsource_OSVDB
- ADV-2011-0239 vdb-entryx_refsource_VUPEN
- x_refsource_MISC
- FEDORA-2011-0500 vendor-advisoryx_refsource_FEDORA
- 43002 third-party-advisoryx_refsource_SECUNIA
- ADV-2011-0165 vdb-entryx_refsource_VUPEN
- 43078 third-party-advisoryx_refsource_SECUNIA
- DSA-2224 vendor-advisoryx_refsource_DEBIAN
- 43135 third-party-advisoryx_refsource_SECUNIA
- ADV-2011-0166 vdb-entryx_refsource_VUPEN
- icedtea-jnlp-code-execution(64893) vdb-entryx_refsource_XF
- x_refsource_CONFIRM
…and 2 more