Java Management Extensions Vulnerability in Sun Java SE 6 and OpenJDK
CVE-2009-2476
Currently unrated
Summary
The Java Management Extensions (JMX) component in Sun Java SE 6 prior to Update 15 and OpenJDK fails to adequately enforce OpenType checks. This inadequacy enables context-dependent attackers to exploit finalizer resurrection, gaining unauthorized references to privileged objects and thus bypassing intended access restrictions.
References
Timeline
Vulnerability published
Vulnerability Reserved