CVE-2009-2673

The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unspecified vectors, related to a declaration that lacks the final keyword.

🔗 References (72)

• cve@mitrehttp://java.sun.com/j2se/1.5.0/ReleaseNotes.html#150_20
• cve@mitrehttp://java.sun.com/javase/6/webnotes/6u15.html
• cve@mitrehttp://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html
• cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html
• cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
• cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html
• cve@mitrehttp://marc.info/?l=bugtraq&m=125787273209737&w=2
• cve@mitrehttp://osvdb.org/56785
• cve@mitrehttp://secunia.com/advisories/36162
• cve@mitrehttp://secunia.com/advisories/36176
• cve@mitrehttp://secunia.com/advisories/36180
• cve@mitrehttp://secunia.com/advisories/36199
• cve@mitrehttp://secunia.com/advisories/36248
• cve@mitrehttp://secunia.com/advisories/37300
• cve@mitrehttp://secunia.com/advisories/37386