CVE-2006-0617 — JDK vulnerability

5 documents4 sources

Severity

4.0MEDIUMNVD

EPSS

3.7%

top 12.00%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN JDK SUN JRE

Timeline

PublishedFeb 9

Latest updateMay 1

Description

Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 5 and earlier allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fifth, sixth, and seventh issues."

CVSS vector

AV:N/AC:H/C:P/I:P/A:NExploitability: 4.9 | Impact: 4.9

Affected Packages2 packages

▶NVDsun/jdk1.5.0

▶NVDsun/jre1.5.0

Patches

Patch: secunia.com ↗Patch: sunsolve.sun.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-5r52-222q-pvw6: Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5↗2022-05-01

▶

CVEList

CVE-2006-0617: Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5↗2006-02-09

▶

💬Community

Bugzilla

CVE-2006-3745 Local SCTP privilege escalation↗2006-08-10

▶

Bugzilla

CVE-2004-2660 O_DIRECT write sometimes leaks memory↗2006-05-15

▶