CVE-2009-2671
Published: 5 August 2009
The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
openjdk-6 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Released
(6b18-1.8.2-4ubuntu1~8.04.1)
|
|
| intrepid |
Released
(6b12-0ubuntu6.5)
|
|
| jaunty |
Released
(6b14-1.4.1-0ubuntu11)
|
|
| karmic |
Not vulnerable
(6b16-1.6.1-0ubuntu1)
|
|
| lucid |
Not vulnerable
(6b16-1.6.1-0ubuntu1)
|
|
| maverick |
Not vulnerable
(6b16-1.6.1-0ubuntu1)
|
|
| upstream |
Released
(6b16)
|
|
|
sun-java5 Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
| gutsy |
Ignored
(end of life, was needs-triage)
|
|
| hardy |
Not vulnerable
(1.5.0-22-0ubuntu0.8.04)
|
|
| intrepid |
Ignored
(end of life, was needs-triage)
|
|
| jaunty |
Ignored
(end of life)
|
|
| karmic |
Does not exist
|
|
| lucid |
Does not exist
|
|
| maverick |
Does not exist
|
|
| upstream |
Released
(1.5.0-20)
|
|
|
sun-java6 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Released
(6.20dlj-0ubuntu1.8.04)
|
|
| intrepid |
Ignored
(end of life, was needs-triage)
|
|
| jaunty |
Released
(6.20dlj-0ubuntu1.9.04)
|
|
| karmic |
Released
(6-15-1)
|
|
| lucid |
Released
(6-15-1)
|
|
| maverick |
Not vulnerable
|
|
| upstream |
Released
(6.15)
|