Bug 490168 (CVE-2009-1094)

Summary: CVE-2009-1094 OpenJDK LDAP client remote code execution (6737315)
Product: [Other] Security Response Reporter: Marc Schoenefeld <mschoene>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: low    
Version: unspecifiedCC: kreilly, mjc, rbiba, security-response-team
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-10-12 13:48:39 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 490182, 490183, 492325, 492326, 492328, 492329, 500582, 500583, 506910, 506911, 540443    
Bug Blocks:    

Comment 2 Marc Schoenefeld 2009-03-26 10:20:24 UTC 
An unspecified vulnerability in the LDAP implementation in Java SE
Development Kit (JDK) and Java Runtime Environment (JRE) allows remote LDAP servers to execute arbitrary code via unknown vectors related to serialized data.

5.0 Update 17 and earlier; 
6 Update 12 and earlier; 
SDK and JRE 1.3.1_24 and earlier; 
and 1.4.2_19 and earlier
Comment 5 errata-xmlrpc 2009-03-26 16:03:36 UTC 
This issue has been addressed in following products:

  Extras for RHEL 4
  Extras for Red Hat Enterprise Linux 5

Via RHSA-2009:0392 https://rhn.redhat.com/errata/RHSA-2009-0392.html
Comment 6 errata-xmlrpc 2009-03-26 16:06:53 UTC 
This issue has been addressed in following products:

  Extras for RHEL 4
  Extras for Red Hat Enterprise Linux 5

Via RHSA-2009:0394 https://rhn.redhat.com/errata/RHSA-2009-0394.html
Comment 7 errata-xmlrpc 2009-04-07 18:36:47 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2009:0377 https://rhn.redhat.com/errata/RHSA-2009-0377.html
Comment 9 errata-xmlrpc 2009-05-18 20:28:40 UTC 
This issue has been addressed in following products:

  Extras for RHEL 4
  Extras for Red Hat Enterprise Linux 5

Via RHSA-2009:1038 https://rhn.redhat.com/errata/RHSA-2009-1038.html
Comment 11 errata-xmlrpc 2009-08-06 21:30:54 UTC 
This issue has been addressed in following products:

  Extras for RHEL 4
  Extras for Red Hat Enterprise Linux 5

Via RHSA-2009:1198 https://rhn.redhat.com/errata/RHSA-2009-1198.html
Comment 13 errata-xmlrpc 2009-12-11 13:43:18 UTC 
This issue has been addressed in following products:

  Red Hat Network Satellite Server v 5.1

Via RHSA-2009:1662 https://rhn.redhat.com/errata/RHSA-2009-1662.html
Comment 14 errata-xmlrpc 2010-01-14 16:32:35 UTC 
This issue has been addressed in following products:

  Red Hat Network Satellite Server v 5.3

Via RHSA-2010:0043 https://rhn.redhat.com/errata/RHSA-2010-0043.html