CVE 2009-2670
The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by (1) untrusted applets and (2) Java Web Start applications, which allows context-dependent attackers to obtain sensitive information by reading these properties.
Related bugs and status
CVE-2009-2670 (Candidate) is related to these bugs:
Bug #85969: Java Docs Package Won't Install
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
85969 | Java Docs Package Won't Install | sun-java6 (Ubuntu) | Medium | Fix Released | ||
85969 | Java Docs Package Won't Install | sun-java5 (Ubuntu) | Medium | Invalid | ||
85969 | Java Docs Package Won't Install | j2se1.4-i586 (Ubuntu) | Wishlist | Invalid |
Bug #409559: version 1.6.0_15 is available
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
409559 | version 1.6.0_15 is available | sun-java6 (Ubuntu) | Undecided | Fix Released | ||
409559 | version 1.6.0_15 is available | The Dell Mini Project | Undecided | Invalid | ||
409559 | version 1.6.0_15 is available | Jaunty Jackalope Backports | Undecided | Invalid | ||
409559 | version 1.6.0_15 is available | Intrepid Ibex Backports | Undecided | Invalid | ||
409559 | version 1.6.0_15 is available | Hardy Backports | Undecided | Invalid | ||
409559 | version 1.6.0_15 is available | sun-java6 (Ubuntu Hardy) | Undecided | Fix Released | ||
409559 | version 1.6.0_15 is available | sun-java6 (Ubuntu Karmic) | Undecided | Fix Released | ||
409559 | version 1.6.0_15 is available | sun-java6 (Ubuntu Intrepid) | Undecided | Invalid | ||
409559 | version 1.6.0_15 is available | sun-java6 (Ubuntu Jaunty) | Undecided | Fix Released |
Bug #420426: sun-java6 6b16 update for karmic, hardy and jaunty
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
420426 | sun-java6 6b16 update for karmic, hardy and jaunty | sun-java6 (Ubuntu) | Undecided | Fix Released | ||
420426 | sun-java6 6b16 update for karmic, hardy and jaunty | sun-java6 (Ubuntu Hardy) | Undecided | Fix Released | ||
420426 | sun-java6 6b16 update for karmic, hardy and jaunty | sun-java6 (Ubuntu Jaunty) | Undecided | Fix Released | ||
420426 | sun-java6 6b16 update for karmic, hardy and jaunty | sun-java6 (Ubuntu Karmic) | Undecided | Fix Released |
See the
CVE page on Mitre.org
for more details.