Candidate: CVE-2009-3886
PublicDate: 2009-11-09 19:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3886
Description:
 The Java Web Start implementation in Sun Java SE 6 before Update 17 does
 not properly handle the interaction between a signed JAR file and a JNLP
 (1) application or (2) applet, which has unspecified impact and attack
 vectors, related to a "regression," aka Bug Id 6870531.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_sun-java6:
upstream_sun-java6: released (6.17)
dapper_sun-java6: DNE
hardy_sun-java6: released (6.20dlj-0ubuntu1.8.04)
intrepid_sun-java6: needs-triage (reached end-of-life)
jaunty_sun-java6: released (6.20dlj-0ubuntu1.9.04)
karmic_sun-java6: released (6.20dlj-0ubuntu1.9.10)
lucid_sun-java6: released (6.20dlj-1ubuntu3)
devel_sun-java6: DNE

Patches_sun-java5:
upstream_sun-java5: not-affected
dapper_sun-java5: ignored (reached end-of-life)
hardy_sun-java5: not-affected
intrepid_sun-java5: needs-triage (reached end-of-life)
jaunty_sun-java5: not-affected
karmic_sun-java5: DNE
lucid_sun-java5: DNE
devel_sun-java5: DNE