CVE-2006-0615

Severity

40%

Complexity

49%

Confidentiality

81%

Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 4 and earlier, SDK and JRE 1.4.x through 1.4.2_09 allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "second and third issues."

Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 4 and earlier, SDK and JRE 1.4.x through 1.4.2_09 allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "second and third issues."

CVSS 2.0 Base Score 4. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N).

Overview

First reported 19 years ago

2006-02-09 02:02:00

Last updated 5 years ago

2019-07-31 12:44:00

Affected Software

Sun JDK 1.5.0

1.5.0

Sun JDK 5.0 Update1

1.5.0

Sun JDK 5.0 Update2

1.5.0

Sun JDK 5.0 Update3

1.5.0

Sun JDK 5.0 Update4

1.5.0

Sun JRE 1.4.2

1.4.2

Sun JRE 1.4.2_1

1.4.2_1

Sun JRE 1.4.2_2

1.4.2_2

Sun JRE 1.4.2_3

1.4.2_3

Sun JRE 1.4.2_4

1.4.2_4

Sun JRE 1.4.2_5

1.4.2_5

Sun JRE 1.4.2_6

1.4.2_6

Sun JRE 1.4.2_7

1.4.2_7

Sun JRE 1.4.2_8

1.4.2_8

Sun JRE 1.4.2_9

1.4.2_9

Sun JRE 1.5.0

1.5.0

Sun JRE 1.5.0_1 (JRE 5.0 Update 1)

1.5.0

Sun JRE 1.5.0_2 (JRE 5.0 Update 2)

1.5.0

Sun JRE 1.5.0_4 (JRE 5.0 Update 4)

1.5.0

Sun JRE 1.5.0_5 (JRE 5.0 Update 5)

1.5.0

SDK 1.4.2

1.4.2

Sun SDK 1.4.2_1

1.4.2_1

Sun SDK 1.4.2_2

1.4.2_2

Sun SDK 1.4.2_3

1.4.2_3

Sun SDK 1.4.2_4

1.4.2_4

Sun SDK 1.4.2_5

1.4.2_5

Sun SDK 1.4.2_6

1.4.2_6

Sun SDK 1.4.2_7

1.4.2_7

Sun SDK 1.4.2_8

1.4.2_8

Sun SDK 1.4.2_9

1.4.2_9

References

http://docs.info.apple.com/article.html?artnum=303658

Broken Link

18760

Patch, Third Party Advisory

18884

Third Party Advisory

1015596

Third Party Advisory, VDB Entry

102171

Broken Link, Patch

GLSA-200602-07

Third Party Advisory

VU#759996

Third Party Advisory, US Government Resource

ADV-2006-0467

Permissions Required

ADV-2006-0828

Permissions Required

ADV-2006-1398

Permissions Required

sun-jre-reflection-privilege-elevation(24561)

Third Party Advisory, VDB Entry

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.