Candidate: CVE-2009-2719
PublicDate: 2009-08-10 20:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2719
 http://java.sun.com/javase/6/webnotes/6u15.html
Description:
 The Java Web Start implementation in Sun Java SE 6 before Update 15 allows
 context-dependent attackers to cause a denial of service
 (NullPointerException) via a crafted .jnlp file, as demonstrated by the
 jnlp_file/appletDesc/index.html#misc test in the Technology Compatibility
 Kit (TCK) for the Java Network Launching Protocol (JNLP).
Ubuntu-Description:
Notes:
 kees> Sun bug 6848964
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_sun-java6:
upstream_sun-java6: released (6.15)
dapper_sun-java6: DNE
hardy_sun-java6: released (6.20dlj-0ubuntu1.8.04)
intrepid_sun-java6: needs-triage (reached end-of-life)
jaunty_sun-java6: released (6.20dlj-0ubuntu1.9.04)
karmic_sun-java6: released (6.20dlj-0ubuntu1.9.10)
lucid_sun-java6: released (6.20dlj-1ubuntu3)
maverick_sun-java6: not-affected
natty_sun-java6: not-affected
devel_sun-java6: not-affected

Patches_sun-java5:
upstream_sun-java5: needs-triage
dapper_sun-java5: ignored (reached end-of-life)
hardy_sun-java5: ignored (upstream sun-java5 is EoL)
intrepid_sun-java5: needs-triage (reached end-of-life)
jaunty_sun-java5: ignored (reached end-of-life)
karmic_sun-java5: DNE
lucid_sun-java5: DNE
maverick_sun-java5: DNE
natty_sun-java5: DNE
devel_sun-java5: DNE

Patches_openjdk-6:
upstream_openjdk-6: released (6b15)
dapper_openjdk-6: DNE
hardy_openjdk-6: not-affected (code not present)
intrepid_openjdk-6: not-affected (code not present)
jaunty_openjdk-6: not-affected (code not present)
karmic_openjdk-6: not-affected (6b16-1.6.1-0ubuntu1)
lucid_openjdk-6: not-affected (6b16-1.6.1-0ubuntu1)
maverick_openjdk-6: not-affected (6b16-1.6.1-0ubuntu1)
natty_openjdk-6: not-affected (6b16-1.6.1-0ubuntu1)
devel_openjdk-6: not-affected (6b16-1.6.1-0ubuntu1)