Package: sun-java5 Version: 1.5.0-10-3 Severity: normal Tags: security
Hi, http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1 | A security vulnerability in Java Web Start may allow an untrusted | application to elevate its privileges. For example, an application may | grant itself permissions to read and write local files that are | accessible to the user running the Java Web Start application. This is also known as CVE-2007-2435 Sun fixed this in JRE 5.0 update 11. Lenny and Sid contains 1.5.0-11-1 thus are not vulnerable but Etch contains 1.5.0-10-3 and should be vulnerable. Regards. -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: powerpc (ppc) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-4-powerpc Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
