← voltar
CVE-2010-3860

CVE-2010-3860

EPSS 3.0%
IcedTea 1.7.x before 1.7.6, 1.8.x before 1.8.3, and 1.9.x before 1.9.2, as based on OpenJDK 6, declares multiple sensitive variables as public, which allows remote attackers to obtain sensitive information including (1) user.name, (2) user.home, and (3) java.home system properties, and other sensitive information such as installation directories.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://blog.fuseyism.com/index.php/2010/11/24/icedtea6-176-183-and-192-released/http://icedtea.classpath.org/hg/release/icedtea6-1.9/rev/9aa0018d8c28http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051711.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=645843http://secunia.com/advisories/42412http://secunia.com/advisories/42417http://secunia.com/advisories/43085http://security.gentoo.org/glsa/glsa-201406-32.xmlhttp://www.redhat.com/support/errata/RHSA-2011-0176.htmlhttp://www.securityfocus.com/bid/45114http://www.ubuntu.com/usn/USN-1024-1