CVE-2011-3521

Published: 19 October 2011

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE, 7, 6 Update 27 and earlier, and 5.0 Update 31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deserialization.

Priority

Low

Status

Package Release Status
icedtea-web
Launchpad, Ubuntu, Debian
Upstream Needs triage

openjdk-6
Launchpad, Ubuntu, Debian
Upstream
Released (6b23~pre11-1)
openjdk-6b18
Launchpad, Ubuntu, Debian
Upstream Needs triage

openjdk-7
Launchpad, Ubuntu, Debian
Upstream
Released (7~b147-2.0-1)
sun-java5
Launchpad, Ubuntu, Debian
Upstream Needs triage

sun-java6
Launchpad, Ubuntu, Debian
Upstream
Released (6.29)

Notes

AuthorNote
mdeslaur
in natty+, NetX and the plugin moved to the icedtea-web package

References