VYPR
← All advisories
Unrated severityNVD Advisory· Published Jan 20, 2011· Updated Apr 29, 2026

CVE-2010-4351

CVE-2010-4351

Description

The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader.

Affected products

15
  • Red Hat/Icedtea15 versions
    cpe:2.3:a:redhat:icedtea:1.7:*:*:*:*:*:*:*+ 14 more
    • cpe:2.3:a:redhat:icedtea:1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:icedtea:1.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:icedtea:1.7.2:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:icedtea:1.7.3:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:icedtea:1.7.4:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:icedtea:1.7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:icedtea:1.7.6:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:icedtea:1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:icedtea:1.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:icedtea:1.8.2:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:icedtea:1.8.3:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:icedtea:1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:icedtea:1.9.1:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:icedtea:1.9.2:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:icedtea:1.9.3:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

22

News mentions

0

No linked articles in our index yet.