The JNLPClassLoader class in IcedTea-Web prior to 1.0.1, as used in OpenJDK Runtime Environment 1.6.0, allows remote malicious users to gain privileges via unknown vectors related to multiple signers and the assignment of "an inappropriate security descriptor."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat icedtea-web 1.0 |
||
redhat icedtea-web 1.0.1 |
||
sun jdk 1.6.0 |