Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not prevent the existence of children of a resurrected ClassLoader, which allows remote malicious users to gain privileges via unspecified vectors, related to an "information leak vulnerability," aka Bug Id 6636650.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sun jre 1.5.0 |
||
sun jre 1.6.0 |
||
sun jre |
||
sun openjdk |