← Back to CVEs
CVE-2010-4351
N/ADescription
The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader.
CVE Details
CVSS v3.1 ScoreN/A
Published1/20/2011
Last Modified4/29/2026
Sourcenvd
Honeypot Sightings0
Affected Products
redhat:icedteasun:openjdk
Weaknesses (CWE)
CWE-264
References
http://blog.fuseyism.com/index.php/2011/01/18/security-icedtea6-177-184-194-released/(secalert@redhat.com)
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053276.html(secalert@redhat.com)
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053288.html(secalert@redhat.com)
http://osvdb.org/70605(secalert@redhat.com)
http://secunia.com/advisories/43002(secalert@redhat.com)
http://secunia.com/advisories/43078(secalert@redhat.com)
http://secunia.com/advisories/43085(secalert@redhat.com)
http://secunia.com/advisories/43135(secalert@redhat.com)
http://security.gentoo.org/glsa/glsa-201406-32.xml(secalert@redhat.com)
http://www.debian.org/security/2011/dsa-2224(secalert@redhat.com)
http://www.mandriva.com/security/advisories?name=MDVSA-2011:054(secalert@redhat.com)
http://www.redhat.com/support/errata/RHSA-2011-0176.html(secalert@redhat.com)
http://www.securityfocus.com/bid/45894(secalert@redhat.com)
http://www.ubuntu.com/usn/USN-1052-1(secalert@redhat.com)
http://www.ubuntu.com/usn/USN-1055-1(secalert@redhat.com)
http://www.vupen.com/english/advisories/2011/0165(secalert@redhat.com)
http://www.vupen.com/english/advisories/2011/0166(secalert@redhat.com)
http://www.vupen.com/english/advisories/2011/0215(secalert@redhat.com)
http://www.vupen.com/english/advisories/2011/0239(secalert@redhat.com)
http://www.zerodayinitiative.com/advisories/ZDI-11-014/(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=663680(secalert@redhat.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64893(secalert@redhat.com)
http://blog.fuseyism.com/index.php/2011/01/18/security-icedtea6-177-184-194-released/(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053276.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053288.html(af854a3a-2127-422b-91ae-364da2661108)
http://osvdb.org/70605(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/43002(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/43078(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/43085(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/43135(af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-201406-32.xml(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2011/dsa-2224(af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2011:054(af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2011-0176.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/45894(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-1052-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-1055-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2011/0165(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2011/0166(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2011/0215(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2011/0239(af854a3a-2127-422b-91ae-364da2661108)
http://www.zerodayinitiative.com/advisories/ZDI-11-014/(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=663680(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64893(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.