CVE-2011-0869 — JDK vulnerability

6 documents6 sources

Severity

5.0MEDIUMNVD

EPSS

3.8%

top 11.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN JDK SUN JRE

Timeline

PublishedJun 14

Latest updateMay 17

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 26 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to SAAJ.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDsun/jdk1.6.0+1

▶NVDsun/jre1.6.0+1

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-x765-chv2-8q2p: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 26 and earlier allows remote untrusted Java Web S↗2022-05-17

▶

CVEList

CVE-2011-0869: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 26 and earlier allows remote untrusted Java Web S↗2011-06-14

▶

📋Vendor Advisories

Ubuntu

OpenJDK 6 vulnerabilities↗2011-06-17

▶

Red Hat

OpenJDK: unprivileged proxy settings change via SOAPConnection (SAAJ, 7013971)↗2011-06-02

▶

💬Community

Bugzilla

CVE-2011-0869 OpenJDK: unprivileged proxy settings change via SOAPConnection (SAAJ, 7013971)↗2011-05-19

▶