Novell Home

CVE-2009-1106

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

CVE-2009-1106 at MITRE

Details

The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 does not properly parse crossdomain.xml files, which allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unknown vectors, aka CR 6798948.
Novell Bugzilla entry: 488926,516361

SUSE Security Advisories:

Product(s) Fixed package version(s) References
SLES 11 DEBUGINFO
  • java-1_6_0-sun-debuginfo >= 1.6.0.u13-0.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86
SAT Patch Nr: 699
SLED 11
  • java-1_6_0-sun >= 1.6.0.u13-0.1.1
  • java-1_6_0-sun-alsa >= 1.6.0.u13-0.1.1
  • java-1_6_0-sun-demo >= 1.6.0.u13-0.1.1
  • java-1_6_0-sun-jdbc >= 1.6.0.u13-0.1.1
  • java-1_6_0-sun-plugin >= 1.6.0.u13-0.1.1
  • java-1_6_0-sun-src >= 1.6.0.u13-0.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. x86
SAT Patch Nr: 699
SLE 11
  • java-1_6_0-ibm >= 1.6.0-124.7.1
  • java-1_6_0-ibm-devel >= 1.6.0-124.7.1
  • java-1_6_0-ibm-fonts >= 1.6.0-124.7.1
 sle11. ppc
sle11. ia64
sle11. s390x
sle11. x86
sle11. x86-64
sle11. s390x
sle11. x86-64
sle11. x86
sle11. ppc
SAT Patch Nr: 1058
SLE 11
  • java-1_6_0-ibm-devel >= 1.6.0-124.7.1
 sle11. ppc
sle11. ia64
sle11. s390x
sle11. x86
sle11. x86-64
sle11. s390x
sle11. x86-64
sle11. x86
sle11. ppc
SAT Patch Nr: 1058
SLES 11
  • java-1_6_0-ibm >= 1.6.0-124.7.1
  • java-1_6_0-ibm-alsa >= 1.6.0-124.7.1
  • java-1_6_0-ibm-fonts >= 1.6.0-124.7.1
  • java-1_6_0-ibm-jdbc >= 1.6.0-124.7.1
  • java-1_6_0-ibm-plugin >= 1.6.0-124.7.1
 sle11. ppc
sle11. ia64
sle11. s390x
sle11. x86
sle11. x86-64
sle11. s390x
sle11. x86-64
sle11. x86
sle11. ppc
SAT Patch Nr: 1058
SLES 11
  • java-1_6_0-ibm-alsa-x86 >= 1.6.0-124.7.1
  • java-1_6_0-ibm-x86 >= 1.6.0-124.7.1
 sle11. ppc
sle11. ia64
sle11. s390x
sle11. x86
sle11. x86-64
sle11. s390x
sle11. x86-64
sle11. x86
sle11. ppc
SAT Patch Nr: 1058
SLES 11
  • java-1_6_0-ibm >= 1.6.0-124.7.1
  • java-1_6_0-ibm-fonts >= 1.6.0-124.7.1
  • java-1_6_0-ibm-jdbc >= 1.6.0-124.7.1
 sle11. ppc
sle11. ia64
sle11. s390x
sle11. x86
sle11. x86-64
sle11. s390x
sle11. x86-64
sle11. x86
sle11. ppc
SAT Patch Nr: 1058
openSUSE 10.3
  • java-1_6_0-sun >= 1.6.0.u12-1.4
  • java-1_6_0-sun-alsa >= 1.6.0.u12-1.4
  • java-1_6_0-sun-debuginfo >= 1.6.0.u12-1.4
  • java-1_6_0-sun-demo >= 1.6.0.u12-1.4
  • java-1_6_0-sun-devel >= 1.6.0.u12-1.4
  • java-1_6_0-sun-jdbc >= 1.6.0.u12-1.4
  • java-1_6_0-sun-plugin >= 1.6.0.u12-1.4
  • java-1_6_0-sun-src >= 1.6.0.u12-1.4
 ZYPP Patch Nr: 6128
SAT Patch Nr: 705
openSUSE 11.0
  • java-1_6_0-sun >= 1.6.0.u13-0.1
  • java-1_6_0-sun-alsa >= 1.6.0.u13-0.1
  • java-1_6_0-sun-demo >= 1.6.0.u13-0.1
  • java-1_6_0-sun-devel >= 1.6.0.u13-0.1
  • java-1_6_0-sun-jdbc >= 1.6.0.u13-0.1
  • java-1_6_0-sun-plugin >= 1.6.0.u13-0.1
  • java-1_6_0-sun-src >= 1.6.0.u13-0.1
 ZYPP Patch Nr: 6128
SAT Patch Nr: 705
openSUSE 11.1
  • java-1_6_0-sun >= 1.6.0.u13-0.1.1
  • java-1_6_0-sun-alsa >= 1.6.0.u13-0.1.1
  • java-1_6_0-sun-devel >= 1.6.0.u13-0.1.1
  • java-1_6_0-sun-jdbc >= 1.6.0.u13-0.1.1
  • java-1_6_0-sun-plugin >= 1.6.0.u13-0.1.1
  • java-1_6_0-sun-src >= 1.6.0.u13-0.1.1
 ZYPP Patch Nr: 6128
SAT Patch Nr: 705

Novell® Making IT Work As One

© 2009 Novell, Inc. All Rights Reserved.