CVE-2009-3881

Published: 09 November 2009

Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not prevent the existence of children of a resurrected ClassLoader, which allows remote attackers to gain privileges via unspecified vectors, related to an "information leak vulnerability," aka Bug Id 6636650.

Priority

Medium

Status

Package Release Status
openjdk-6
Launchpad, Ubuntu, Debian
Upstream
Released (6b17)
sun-java5
Launchpad, Ubuntu, Debian
Upstream
Released (1.5.0-22)
sun-java6
Launchpad, Ubuntu, Debian
Upstream
Released (6.17)