The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2011-01-20T18:00:00
Updated: 2017-08-16T14:57:01
Reserved: 2010-11-30T00:00:00
Link: CVE-2010-4351
JSON object: View
NVD Information
Status : Modified
Published: 2011-01-20T19:00:06.867
Modified: 2023-02-13T04:28:56.587
Link: CVE-2010-4351
JSON object: View
Redhat Information
No data.
CWE