Information Leak Vulnerabilities in Sun Java SE and OpenJDK Products
CVE-2009-3883

Currently unrated

Key Information:

Vendor: Oracle
Status: Openjdk
Vendor: CVE Published:; 9 November 2009

Summary

Multiple unspecified vulnerabilities exist in the Pluggable Look and Feel (PL&F) feature of the Swing implementation within Sun Java SE and OpenJDK. These vulnerabilities are associated with information leaks in mutable variables, which may allow an attacker to exploit remote vectors. Affected software versions include Sun Java SE 5.0 prior to Update 22 and Sun Java SE 6 prior to Update 17. Users are encouraged to update their installations to mitigate potential risks associated with these issues.

References

http://security.gentoo.org/glsa/glsa-200911-02.xml

vendor-advisoryx_refsource_GENTOO

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://bugzilla.redhat.com/show_bug.cgi?id=530175

x_refsource_CONFIRM

Timeline

Vulnerability published
Nov 9, 2009
Vulnerability Reserved
Nov 5, 2009