CVE-2009-2724HIGH
Description
Race condition in the java.lang package in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, related to a "3Y Race condition in reflection checks."
References
http://java.sun.com/j2se/1.5.0/ReleaseNotes.html
http://secunia.com/advisories/37386
http://secunia.com/advisories/37460
http://security.gentoo.org/glsa/glsa-200911-02.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1
http://www.securityfocus.com/archive/1/507985/100/0/threaded
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
Vulnerable Software
Configuration 1
OR
cpe:2.3:a:sun:java_se:*:19:*:*:*:*:*:* versions up to 5.0 (inclusive)
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 107298 | Solaris 10 (sparc) : 118667-61 | Nessus | Solaris Local Security Checks | critical |
| 89736 | VMware ESX Java Runtime Environment (JRE) Multiple Vulnerabilities (VMSA-2010-0002) (remote check) | Nessus | VMware ESX Local Security Checks | critical |
| 89117 | VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2009-0016) (remote check) | Nessus | Misc. | critical |
| 45386 | VMSA-2010-0002 : VMware vCenter update release addresses multiple security issues in Java JRE | Nessus | VMware ESX Local Security Checks | critical |
| 42870 | VMSA-2009-0016 : VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components. | Nessus | VMware ESX Local Security Checks | critical |
| 42834 | GLSA-200911-02 : Sun JDK/JRE: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | critical |
| 40748 | RHEL 4 / 5 : java-1.5.0-sun (RHSA-2009:1199) | Nessus | Red Hat Local Security Checks | critical |
| 19460 | Solaris 9 (sparc) : 118667-86 | Nessus | Solaris Local Security Checks | critical |
| 19456 | Solaris 8 (sparc) : 118667-86 | Nessus | Solaris Local Security Checks | critical |
| 19444 | Solaris 10 (sparc) : 118667-86 (deprecated) | Nessus | Solaris Local Security Checks | critical |