Your submission was sent successfully! Close

USN-1553-1: OpenJDK 6 vulnerabilities

3 September 2012

Two security issues were fixed in OpenJDK 6.

Releases

Packages

  • openjdk-6 - Open Source Java implementation

Details

It was discovered that the Beans component in OpenJDK 6 did not
properly prevent access to restricted classes. A remote attacker could
use this to create an untrusted Java applet or application that would
bypass Java sandbox restrictions. (CVE-2012-1682)

It was discovered that functionality in the AWT component in OpenJDK 6
made it easier for a remote attacker, in conjunction with other
vulnerabilities, to bypass Java sandbox restrictions. (CVE-2012-0547)