CVE-2010-4351
Red Hat OpenJDK IcedTea6 ClassLoader Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader.
El JNLP SecurityManager en IcedTea (IcedTea.so) v1.7 anteriores a v1.7.7, v1.8 anteriores a v1.8.4 y v1.9 anteriores a v1.9.4 de Java OpenJDK devuelve desde el método checkPermission una excepción en determinadas circunstancias, lo que podría permitir a atacantes dependientes del contexto eludir la política de protección establecida mediante la creación de instancias de ClassLoader.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Java OpenJDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The flaw exists within the IcedTea.so component. When handling the an applet the process fails to properly restrict permission of code. It is possible to create and instantiate subclasses of ClassLoader. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
Multiple vulnerabilities has been identified and fixed in java-1.6.0-openjdk. The JNLP SecurityManager in IcedTea 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader. Unspecified vulnerability in the Java Runtime Environment in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Networking. Various other issues have also been identified and addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-11-30 CVE Reserved
- 2011-01-18 CVE Published
- 2024-08-07 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
- CWE-305: Authentication Bypass by Primary Weakness
CAPEC
References (23)
| URL | Tag | Source |
|---|---|---|
| http://blog.fuseyism.com/index.php/2011/01/18/security-icedtea6-177-184-194-released | X_refsource_confirm | |
| http://osvdb.org/70605 | Vdb Entry | |
| http://secunia.com/advisories/43078 | Third Party Advisory | |
| http://secunia.com/advisories/43085 | Third Party Advisory | |
| http://secunia.com/advisories/43135 | Third Party Advisory | |
| http://www.securityfocus.com/bid/45894 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2011/0215 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2011/0239 | Vdb Entry | |
| http://www.zerodayinitiative.com/advisories/ZDI-11-014 | X_refsource_misc |
|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/64893 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=663680 | 2011-01-25 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.7 Search vendor "Redhat" for product "Icedtea" and version "1.7" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.7.1 Search vendor "Redhat" for product "Icedtea" and version "1.7.1" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.7.2 Search vendor "Redhat" for product "Icedtea" and version "1.7.2" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.7.3 Search vendor "Redhat" for product "Icedtea" and version "1.7.3" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.7.4 Search vendor "Redhat" for product "Icedtea" and version "1.7.4" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.7.5 Search vendor "Redhat" for product "Icedtea" and version "1.7.5" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.7.6 Search vendor "Redhat" for product "Icedtea" and version "1.7.6" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.8 Search vendor "Redhat" for product "Icedtea" and version "1.8" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.8.1 Search vendor "Redhat" for product "Icedtea" and version "1.8.1" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.8.2 Search vendor "Redhat" for product "Icedtea" and version "1.8.2" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.8.3 Search vendor "Redhat" for product "Icedtea" and version "1.8.3" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.9 Search vendor "Redhat" for product "Icedtea" and version "1.9" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.9.1 Search vendor "Redhat" for product "Icedtea" and version "1.9.1" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.9.2 Search vendor "Redhat" for product "Icedtea" and version "1.9.2" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|
| Redhat Search vendor "Redhat" | Icedtea Search vendor "Redhat" for product "Icedtea" | 1.9.3 Search vendor "Redhat" for product "Icedtea" and version "1.9.3" | - |
Affected
| in | Sun Search vendor "Sun" | Openjdk Search vendor "Sun" for product "Openjdk" | * | - |
Safe
|