91025 – (CVE-2005-1974) VUL-0: CVE-2005-1974: java untrusted applets can elevate privileges

Bug 91025 (CVE-2005-1974) - VUL-0: CVE-2005-1974: java untrusted applets can elevate privileges

Summary: VUL-0: CVE-2005-1974: java untrusted applets can elevate privileges

Status:	RESOLVED FIXED

Alias:	CVE-2005-1974

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other All

Priority:	P5 - None Severity: Normal
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	http://sunsolve.sun.com/search/docume...
Whiteboard:	CVE-2005-1974: CVSS v2 Base Score: 5....
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2005-06-15 10:48 UTC by Thomas Biege
Modified:	2021-11-10 14:48 UTC (History)
CC List:	1 user (show)

See Also:
Found By:	Other
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thomas Biege 2005-06-15 10:48:22 UTC

Hello Sonja,
the fun never ends. :(

http://www.heise.de/newsticker/meldung/60615

Comment 1 Thomas Biege 2005-06-15 10:57:06 UTC

CAN-2005-1974

SM-Tracker-1576

Comment 2 Sonja Krause-Harder 2005-06-16 09:03:35 UTC

Preparing packages for 8.2, 9.0, 9.1, 9.2 and 9.3 (all i386 only) now. 
 
This will also fix bug #74219

Comment 3 Sonja Krause-Harder 2005-06-16 16:15:04 UTC

I have prepared packages for the following platforms: 
 
java2: 
sles8-slec-i386 
8.2-i386 
9.0-i386 
9.1-i386 (also good for sles9-i386) 
sles9-ia64 
 
java-1_4_2-sun: 
9.2-i386 
9.3-i386 
 
Ok to submit them?

Comment 4 Thomas Biege 2005-06-17 06:13:56 UTC

I think it's ok.

Does all packages fix the same bugs?

Comment 5 Sonja Krause-Harder 2005-06-17 07:03:36 UTC

The one for 9.3-i386 also fixes bug #79259. They all also fix the former java  
webstart problem (#74219).

Comment 6 Sonja Krause-Harder 2005-06-17 10:56:11 UTC

Packages submitted.

Comment 7 Thomas Biege 2005-06-17 10:57:00 UTC

`java-1_4_2-sun.patch.box' -> `/work/src/done/PATCHINFO/java-1_4_2-sun.patch.box'
`java2.patch.box' -> `/work/src/done/PATCHINFO/java2.patch.box'
`java2.patch.maintained' -> `/work/src/done/PATCHINFO/java2.patch.maintained'

Comment 8 Marcus Meissner 2005-06-22 12:14:50 UTC

updates released.

Comment 9 Thomas Biege 2009-10-13 21:28:18 UTC

CVE-2005-1974: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)