The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by leveraging finalizer resurrection to obtain a reference to a privileged object.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2009-08-10 18:30
Updated : 2024-02-04 17:33
NVD link : CVE-2009-2476
Mitre link : CVE-2009-2476
CVE.ORG link : CVE-2009-2476
JSON object : View
Products Affected
sun
- java_se
- openjdk
CWE
CWE-264
Permissions, Privileges, and Access Controls