CVE-2009-2670 Information
Description
The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20 does not prevent access to java.lang.System properties by (1) untrusted applets and (2) Java Web Start applications, which allows context-dependent attackers to obtain sensitive information by reading these properties.
Reference
http://java.sun.com/j2se/1.5.0/ReleaseNotes.html150_20
http://java.sun.com/javase/6/webnotes/6u15.html
http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html
http://marc.info/?l=bugtraq&m=125787273209737&w=2
http://osvdb.org/56788
http://secunia.com/advisories/36162
http://secunia.com/advisories/36176
http://secunia.com/advisories/36180
http://secunia.com/advisories/36199
http://secunia.com/advisories/36248
http://secunia.com/advisories/37300
http://secunia.com/advisories/37386
http://secunia.com/advisories/37460
http://security.gentoo.org/glsa/glsa-200911-02.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263408-1
http://www.mandriva.com/security/advisories?name=MDVSA-2009:209
http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html
http://www.securityfocus.com/archive/1/507985/100/0/threaded
http://www.securityfocus.com/bid/35939
http://www.securitytracker.com/id?1022658
http://www.us-cert.gov/cas/techalerts/TA09-294A.html
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
http://www.vupen.com/english/advisories/2009/2543
http://www.vupen.com/english/advisories/2009/3316
https://exchange.xforce.ibmcloud.com/vulnerabilities/52306
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A11326
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A8022
https://rhn.redhat.com/errata/RHSA-2009-1199.html
https://rhn.redhat.com/errata/RHSA-2009-1200.html
https://rhn.redhat.com/errata/RHSA-2009-1201.html
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html