| Name | CVE-2009-1105 |
| Description | The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 allows user-assisted remote attackers to cause a trusted applet to run in an older JRE version, which can be used to exploit vulnerabilities in that older version, aka CR 6706490. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| Debian Bugs | 521414 |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| sun-java5 | source | lenny | 1.5.0-22-0lenny1 | |||
| sun-java5 | source | (unstable) | 1.5.0-18-1 | |||
| sun-java6 | source | lenny | 6-20-0lenny1 | |||
| sun-java6 | source | (unstable) | 6-13-1 | 521414 |
[etch] - sun-java5 <no-dsa> (Non-free not supported)