532912 – CVE-2009-3866 JRE arbitary code execution using java web start (6872824)

Bug 532912 - CVE-2009-3866 JRE arbitary code execution using java web start (6872824)

Summary: CVE-2009-3866 JRE arbitary code execution using java web start (6872824)

Keywords:
Status:	CLOSED DUPLICATE of bug 533212
Alias:	None
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	532004
Blocks:
TreeView+	depends on / blocked

Reported:	2009-11-04 10:09 UTC by Mark J. Cox
Modified:	2019-09-29 12:33 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2009-11-05 20:57:40 UTC
Embargoed:

Attachments	(Terms of Use)

Description Mark J. Cox 2009-11-04 10:09:14 UTC

aka http://sunsolve.sun.com/search/document.do?assetkey=1-66-269870-1
  
  A security vulnerability in the Java Web Start Installer may be
  leveraged to allow an untrusted Java Web Start application to run as a trusted
  application and execute arbitrary code. This may occur when a user opens a
  specially crafted web page that exploits this vulnerability.

Comment 1 Josh Bressers 2009-11-05 20:57:40 UTC


*** This bug has been marked as a duplicate of bug 533212 ***

Note You need to log in before you can comment on or make changes to this bug.