CVE Vulnerabilities

CVE-2009-1107

Published: Mar 25, 2009 | Modified: Oct 10, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
4.3 MODERATE
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V3
Ubuntu

The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier, and 5.0 Update 17 and earlier, allows remote attackers to trick a user into trusting a signed applet via unknown vectors that misrepresent the security warning dialog, related to a Swing JLabel HTML parsing vulnerability, aka CR 6782871.

Affected Software

Name Vendor Start Version End Version
Java Sun * *
Extras for RHEL 4 RedHat java-1.6.0-sun-1:1.6.0.13-1jpp.1.el4 *
Extras for RHEL 4 RedHat java-1.5.0-sun-0:1.5.0.18-1jpp.1.el4 *
Extras for RHEL 4 RedHat java-1.5.0-ibm-1:1.5.0.9-1jpp.5.el4 *
Extras for RHEL 4 RedHat java-1.6.0-ibm-1:1.6.0.5-1jpp.1.el4 *
Red Hat Network Satellite Server v 5.1 RedHat java-1.5.0-sun-0:1.5.0.22-1jpp.1.el4 *
Red Hat Network Satellite Server v 5.3 RedHat java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5 *
Supplementary for Red Hat Enterprise Linux 5 RedHat java-1.6.0-sun-1:1.6.0.13-1jpp.1.el5 *
Supplementary for Red Hat Enterprise Linux 5 RedHat java-1.5.0-sun-0:1.5.0.18-1jpp.1.el5 *
Supplementary for Red Hat Enterprise Linux 5 RedHat java-1.5.0-ibm-1:1.5.0.9-1jpp.3.el5 *
Supplementary for Red Hat Enterprise Linux 5 RedHat java-1.6.0-ibm-1:1.6.0.5-1jpp.1.el5 *
Sun-java5 Ubuntu dapper *
Sun-java5 Ubuntu upstream *
Sun-java6 Ubuntu hardy *
Sun-java6 Ubuntu jaunty *
Sun-java6 Ubuntu karmic *
Sun-java6 Ubuntu lucid *
Sun-java6 Ubuntu upstream *

References