Back to search
CVE-2009-2476
Published: Aug 10, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by leveraging finalizer resurrection to obtain a reference to a privileged object.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugzilla.redhat.com/show_bug.cgi?id=513220
x_refsource_CONFIRM
RHSA-2009:1200
vendor-advisory
x_refsource_REDHAT
36162
third-party-advisory
x_refsource_SECUNIA
ADV-2009-2543
vdb-entry
x_refsource_VUPEN
GLSA-200911-02
vendor-advisory
x_refsource_GENTOO
http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1
x_refsource_CONFIRM
MDVSA-2009:209
vendor-advisory
x_refsource_MANDRIVA
FEDORA-2009-8329
vendor-advisory
x_refsource_FEDORA
oval:org.mitre.oval:def:10381
vdb-entry
signature
x_refsource_OVAL
http://java.sun.com/javase/6/webnotes/6u15.html
x_refsource_CONFIRM
36180
third-party-advisory
x_refsource_SECUNIA
36176
third-party-advisory
x_refsource_SECUNIA
FEDORA-2009-8337
vendor-advisory
x_refsource_FEDORA
SUSE-SR:2009:016
vendor-advisory
x_refsource_SUSE
APPLE-SA-2009-09-03-1
vendor-advisory
x_refsource_APPLE
RHSA-2009:1201
vendor-advisory
x_refsource_REDHAT
37386
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now