CVE-2010-4351 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2010-4351 Interim 1 6 2023-12-08T03:05:24Z current 2021-05-30T12:54:58Z 2023-12-08T03:05:24Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2010-4351 The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader. CVE-2010-4351 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P