The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun
Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not
properly restrict the objects that may be sent to loggers, which allows
attackers to obtain sensitive information via vectors related to the
implementation of Component, KeyboardFocusManager, and
DefaultKeyboardFocusManager, aka Bug Id 6664512.
Updated: 2015-07-15 19:32:44 UTC (commit 9690)