Description
Unspecified vulnerability in deserialization in the Provider class in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, aka BugId 6444262.
References (10)
Core 10
Core References
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/507985/100/0/threaded
Patch, Vendor Advisory x_refsource_confirm
http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/2543
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/37460
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200911-02.xml
Vendor Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
Patch, Vendor Advisory x_refsource_confirm
http://java.sun.com/j2se/1.5.0/ReleaseNotes.html
Mailing List vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/37386
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/3316
Scores
EPSS
0.0434
EPSS Percentile
89.0%
Details
Status
published
Products (1)
sun/java_se
< 5.0
Published
Aug 10, 2009
Tracked Since
Feb 18, 2026