Back to search
CVE-2009-1896
Published: Aug 10, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
The Java Web Start framework in IcedTea in OpenJDK before 1.6.0.0-20.b16.fc10 on Fedora 10, and before 1.6.0.0-27.b16.fc11 on Fedora 11, trusts an entire application when at least one of the listed jar files is trusted, which allows context-dependent attackers to execute arbitrary code without the untrusted-code restrictions via a crafted application, related to NetX.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugzilla.redhat.com/show_bug.cgi?id=512101
x_refsource_CONFIRM
36162
third-party-advisory
x_refsource_SECUNIA
MDVSA-2009:209
vendor-advisory
x_refsource_MANDRIVA
FEDORA-2009-8329
vendor-advisory
x_refsource_FEDORA
FEDORA-2009-8337
vendor-advisory
x_refsource_FEDORA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now