Categorie
Sicurezza informatica

USN-971-1: OpenJDK vulnerabilities

Referenced CVEs: 
CVE-2010-2548, CVE-2010-2783

Description: 
===========================================================
Ubuntu Security Notice USN-971-1 August 16, 2010
openjdk-6 vulnerabilities
CVE-2010-2548, CVE-2010-2783
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 9.04
Ubuntu 9.10
Ubuntu 10.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.04:
icedtea6-plugin 6b18-1.8.1-0ubuntu1~9.04.1

Ubuntu 9.10:
icedtea6-plugin 6b18-1.8.1-0ubuntu1~9.10.1

Ubuntu 10.04 LTS:
icedtea6-plugin 6b18-1.8.1-0ubuntu1

After a standard system update you need to restart any Java applications
to make all the necessary changes.

Details follow:

It was discovered that the IcedTea plugin did not correctly check certain
accesses. If a user or automated system were tricked into running a
specially crafted Java applet, a remote attacker could read arbitrary
files with user privileges, leading to a loss of privacy. (CVE-2010-2548,
CVE-2010-2783)

Lascia un commento

Il tuo indirizzo email non sarà pubblicato. I campi obbligatori sono contrassegnati *

Questo sito usa Akismet per ridurre lo spam. Scopri come i tuoi dati vengono elaborati.