CVE-2006-6737
First published: Tue Dec 26 2006(Updated: )
Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 5 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_10 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in other applets," aka "The first issue."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Java Development Kit (JDK) | =1.5.0 | |
| Java Development Kit (JDK) | =1.5.0-update1 | |
| Java Development Kit (JDK) | =1.5.0-update2 | |
| Java Development Kit (JDK) | =1.5.0-update3 | |
| Java Development Kit (JDK) | =1.5.0-update4 | |
| Java Development Kit (JDK) | =1.5.0-update5 | |
| Sun Java Runtime Environment (JRE) | =1.3.1 | |
| Sun Java Runtime Environment (JRE) | =1.3.1_2 | |
| Sun Java Runtime Environment (JRE) | =1.3.1_03 | |
| Sun Java Runtime Environment (JRE) | =1.3.1_04 | |
| Sun Java Runtime Environment (JRE) | =1.3.1_05 | |
| Sun Java Runtime Environment (JRE) | =1.3.1_06 | |
| Sun Java Runtime Environment (JRE) | =1.3.1_07 | |
| Sun Java Runtime Environment (JRE) | =1.3.1_08 | |
| Sun Java Runtime Environment (JRE) | =1.3.1_09 | |
| Sun Java Runtime Environment (JRE) | =1.3.1_10 | |
| Sun Java Runtime Environment (JRE) | =1.3.1_11 | |
| Sun Java Runtime Environment (JRE) | =1.3.1_12 | |
| Sun Java Runtime Environment (JRE) | =1.3.1_13 | |
| Sun Java Runtime Environment (JRE) | =1.3.1_14 | |
| Sun Java Runtime Environment (JRE) | =1.3.1_15 | |
| Sun Java Runtime Environment (JRE) | =1.3.1_16 | |
| Sun Java Runtime Environment (JRE) | =1.3.1_17 | |
| Sun Java Runtime Environment (JRE) | =1.3.1_18 | |
| Sun Java Runtime Environment (JRE) | =1.4.2 | |
| Sun Java Runtime Environment (JRE) | =1.4.2_1 | |
| Sun Java Runtime Environment (JRE) | =1.4.2_2 | |
| Sun Java Runtime Environment (JRE) | =1.4.2_3 | |
| Sun Java Runtime Environment (JRE) | =1.4.2_4 | |
| Sun Java Runtime Environment (JRE) | =1.4.2_5 | |
| Sun Java Runtime Environment (JRE) | =1.4.2_6 | |
| Sun Java Runtime Environment (JRE) | =1.4.2_7 | |
| Sun Java Runtime Environment (JRE) | =1.4.2_8 | |
| Sun Java Runtime Environment (JRE) | =1.4.2_9 | |
| Sun Java Runtime Environment (JRE) | =1.4.2_10 | |
| Sun Java Runtime Environment (JRE) | =1.5.0 | |
| Sun Java Runtime Environment (JRE) | =1.5.0-update1 | |
| Sun Java Runtime Environment (JRE) | =1.5.0-update2 | |
| Sun Java Runtime Environment (JRE) | =1.5.0-update3 | |
| Sun Java Runtime Environment (JRE) | =1.5.0-update4 | |
| Sun Java Runtime Environment (JRE) | =1.5.0-update5 | |
| Java Development Kit (JDK) | =1.3.1 | |
| Java Development Kit (JDK) | =1.3.1_01 | |
| Java Development Kit (JDK) | =1.3.1_01a | |
| Java Development Kit (JDK) | =1.3.1_02 | |
| Java Development Kit (JDK) | =1.3.1_03 | |
| Java Development Kit (JDK) | =1.3.1_04 | |
| Java Development Kit (JDK) | =1.3.1_05 | |
| Java Development Kit (JDK) | =1.3.1_06 | |
| Java Development Kit (JDK) | =1.3.1_07 | |
| Java Development Kit (JDK) | =1.3.1_08 | |
| Java Development Kit (JDK) | =1.3.1_09 | |
| Java Development Kit (JDK) | =1.3.1_10 | |
| Java Development Kit (JDK) | =1.3.1_11 | |
| Java Development Kit (JDK) | =1.3.1_12 | |
| Java Development Kit (JDK) | =1.3.1_13 | |
| Java Development Kit (JDK) | =1.3.1_14 | |
| Java Development Kit (JDK) | =1.3.1_15 | |
| Java Development Kit (JDK) | =1.3.1_16 | |
| Java Development Kit (JDK) | =1.3.1_17 | |
| Java Development Kit (JDK) | =1.3.1_18 | |
| Java Development Kit (JDK) | =1.4.2 | |
| Java Development Kit (JDK) | =1.4.2_1 | |
| Java Development Kit (JDK) | =1.4.2_2 | |
| Java Development Kit (JDK) | =1.4.2_3 | |
| Java Development Kit (JDK) | =1.4.2_4 | |
| Java Development Kit (JDK) | =1.4.2_5 | |
| Java Development Kit (JDK) | =1.4.2_6 | |
| Java Development Kit (JDK) | =1.4.2_7 | |
| Java Development Kit (JDK) | =1.4.2_8 | |
| Java Development Kit (JDK) | =1.4.2_9 | |
| Java Development Kit (JDK) | =1.4.2_10 | |
| =1.5.0 | ||
| =1.5.0-update1 | ||
| =1.5.0-update2 | ||
| =1.5.0-update3 | ||
| =1.5.0-update4 | ||
| =1.5.0-update5 | ||
| =1.3.1 | ||
| =1.3.1_2 | ||
| =1.3.1_03 | ||
| =1.3.1_04 | ||
| =1.3.1_05 | ||
| =1.3.1_06 | ||
| =1.3.1_07 | ||
| =1.3.1_08 | ||
| =1.3.1_09 | ||
| =1.3.1_10 | ||
| =1.3.1_11 | ||
| =1.3.1_12 | ||
| =1.3.1_13 | ||
| =1.3.1_14 | ||
| =1.3.1_15 | ||
| =1.3.1_16 | ||
| =1.3.1_17 | ||
| =1.3.1_18 | ||
| =1.4.2 | ||
| =1.4.2_1 | ||
| =1.4.2_2 | ||
| =1.4.2_3 | ||
| =1.4.2_4 | ||
| =1.4.2_5 | ||
| =1.4.2_6 | ||
| =1.4.2_7 | ||
| =1.4.2_8 | ||
| =1.4.2_9 | ||
| =1.4.2_10 | ||
| =1.5.0 | ||
| =1.5.0-update1 | ||
| =1.5.0-update2 | ||
| =1.5.0-update3 | ||
| =1.5.0-update4 | ||
| =1.5.0-update5 | ||
| =1.3.1 | ||
| =1.3.1_01 | ||
| =1.3.1_01a | ||
| =1.3.1_02 | ||
| =1.3.1_03 | ||
| =1.3.1_04 | ||
| =1.3.1_05 | ||
| =1.3.1_06 | ||
| =1.3.1_07 | ||
| =1.3.1_08 | ||
| =1.3.1_09 | ||
| =1.3.1_10 | ||
| =1.3.1_11 | ||
| =1.3.1_12 | ||
| =1.3.1_13 | ||
| =1.3.1_14 | ||
| =1.3.1_15 | ||
| =1.3.1_16 | ||
| =1.3.1_17 | ||
| =1.3.1_18 | ||
| =1.4.2 | ||
| =1.4.2_1 | ||
| =1.4.2_2 | ||
| =1.4.2_3 | ||
| =1.4.2_4 | ||
| =1.4.2_5 | ||
| =1.4.2_6 | ||
| =1.4.2_7 | ||
| =1.4.2_8 | ||
| =1.4.2_9 | ||
| =1.4.2_10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1
- http://www.securityfocus.com/bid/21674
- http://securitytracker.com/id?1017427
- http://secunia.com/advisories/23398
- http://lists.suse.com/archive/suse-security-announce/2007-Jan/0003.html
- http://secunia.com/advisories/23650
- http://security.gentoo.org/glsa/glsa-200701-15.xml
- http://security.gentoo.org/glsa/glsa-200702-08.xml
- http://www.redhat.com/support/errata/RHSA-2007-0062.html
- http://www.redhat.com/support/errata/RHSA-2007-0072.html
- http://www.redhat.com/support/errata/RHSA-2007-0073.html
- http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html
- http://secunia.com/advisories/23835
- http://secunia.com/advisories/24099
- http://secunia.com/advisories/24189
- http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html
- http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html
- http://www.gentoo.org/security/en/glsa/glsa-200705-20.xml
- http://www.novell.com/linux/security/advisories/2007_45_java.html
- http://secunia.com/advisories/25404
- http://secunia.com/advisories/26049
- http://secunia.com/advisories/26119
- http://www.vupen.com/english/advisories/2006/5075
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11087
Frequently Asked Questions
What is the severity of CVE-2006-6737?
CVE-2006-6737 is classified as a high severity vulnerability that allows attackers to access sensitive data through untrusted applets.
How do I fix CVE-2006-6737?
To fix CVE-2006-6737, upgrade to the latest version of the Sun Java Development Kit (JDK) or Java Runtime Environment (JRE) that is not affected by this vulnerability.
Which versions of Java are affected by CVE-2006-6737?
CVE-2006-6737 affects Sun JDK and JRE versions 5.0 Update 5 and earlier, and JRE versions 1.4.2_10 and earlier 1.4.x versions, as well as SDK and JRE versions 1.3.1_18 and earlier.
What type of attack does CVE-2006-6737 allow?
CVE-2006-6737 allows attackers to exploit untrusted applets to gain unauthorized access to data.
Is there a patch available for CVE-2006-6737?
Yes, there is a patch available through updates of the affected Java versions, so it's essential to keep your Java installation up to date.
- agent/references
- agent/type
- agent/first-publish-date
- agent/severity
- agent/weakness
- agent/remedy
- agent/author
- agent/description
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/sun
- product/jdk
- canonical/sun jdk
- product/jre
- canonical/sun jre
- product/sdk
- canonical/sun sdk
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/source
- agent/last-modified-date
- agent/softwarecombine
- agent/event
- agent/tags
- canonical/java development kit (jdk)
- version/java development kit (jdk)/1.5.0
- version/java development kit (jdk)/1.5.0-update1
- version/java development kit (jdk)/1.5.0-update2
- version/java development kit (jdk)/1.5.0-update3
- version/java development kit (jdk)/1.5.0-update4
- version/java development kit (jdk)/1.5.0-update5
- canonical/sun java runtime environment (jre)
- version/sun java runtime environment (jre)/1.3.1
- version/sun java runtime environment (jre)/1.3.1_2
- version/sun java runtime environment (jre)/1.3.1_03
- version/sun java runtime environment (jre)/1.3.1_04
- version/sun java runtime environment (jre)/1.3.1_05
- version/sun java runtime environment (jre)/1.3.1_06
- version/sun java runtime environment (jre)/1.3.1_07
- version/sun java runtime environment (jre)/1.3.1_08
- version/sun java runtime environment (jre)/1.3.1_09
- version/sun java runtime environment (jre)/1.3.1_10
- version/sun java runtime environment (jre)/1.3.1_11
- version/sun java runtime environment (jre)/1.3.1_12
- version/sun java runtime environment (jre)/1.3.1_13
- version/sun java runtime environment (jre)/1.3.1_14
- version/sun java runtime environment (jre)/1.3.1_15
- version/sun java runtime environment (jre)/1.3.1_16
- version/sun java runtime environment (jre)/1.3.1_17
- version/sun java runtime environment (jre)/1.3.1_18
- version/sun java runtime environment (jre)/1.4.2
- version/sun java runtime environment (jre)/1.4.2_1
- version/sun java runtime environment (jre)/1.4.2_2
- version/sun java runtime environment (jre)/1.4.2_3
- version/sun java runtime environment (jre)/1.4.2_4
- version/sun java runtime environment (jre)/1.4.2_5
- version/sun java runtime environment (jre)/1.4.2_6
- version/sun java runtime environment (jre)/1.4.2_7
- version/sun java runtime environment (jre)/1.4.2_8
- version/sun java runtime environment (jre)/1.4.2_9
- version/sun java runtime environment (jre)/1.4.2_10
- version/sun java runtime environment (jre)/1.5.0
- version/sun java runtime environment (jre)/1.5.0-update1
- version/sun java runtime environment (jre)/1.5.0-update2
- version/sun java runtime environment (jre)/1.5.0-update3
- version/sun java runtime environment (jre)/1.5.0-update4
- version/sun java runtime environment (jre)/1.5.0-update5
- version/java development kit (jdk)/1.3.1
- version/java development kit (jdk)/1.3.1_01
- version/java development kit (jdk)/1.3.1_01a
- version/java development kit (jdk)/1.3.1_02
- version/java development kit (jdk)/1.3.1_03
- version/java development kit (jdk)/1.3.1_04
- version/java development kit (jdk)/1.3.1_05
- version/java development kit (jdk)/1.3.1_06
- version/java development kit (jdk)/1.3.1_07
- version/java development kit (jdk)/1.3.1_08
- version/java development kit (jdk)/1.3.1_09
- version/java development kit (jdk)/1.3.1_10
- version/java development kit (jdk)/1.3.1_11
- version/java development kit (jdk)/1.3.1_12
- version/java development kit (jdk)/1.3.1_13
- version/java development kit (jdk)/1.3.1_14
- version/java development kit (jdk)/1.3.1_15
- version/java development kit (jdk)/1.3.1_16
- version/java development kit (jdk)/1.3.1_17
- version/java development kit (jdk)/1.3.1_18
- version/java development kit (jdk)/1.4.2
- version/java development kit (jdk)/1.4.2_1
- version/java development kit (jdk)/1.4.2_2
- version/java development kit (jdk)/1.4.2_3
- version/java development kit (jdk)/1.4.2_4
- version/java development kit (jdk)/1.4.2_5
- version/java development kit (jdk)/1.4.2_6
- version/java development kit (jdk)/1.4.2_7
- version/java development kit (jdk)/1.4.2_8
- version/java development kit (jdk)/1.4.2_9
- version/java development kit (jdk)/1.4.2_10