Source: sun-java5 Version: 1.5.0-10-3 java with it's browser plugin runtime is a widely used software package which has no support by the security team and not enough support from the package maintainers / release team.
There are serious remote vulns. unfixed in etch which which are rated by the NIST(CVE-2007-5689): CVSS Severity (version 2.0): CVSS v2 Base score: 10.0 (High) (AV:N/AC:L/Au:N/C:C/I:C/A:C) (legend) Impact Subscore: 10.0 Exploitability Subscore: 10.0 Access Vector: Network exploitable Access Complexity: Low Authentication: Not required to exploit Impact Type: Provides administrator access, Allows complete confidentiality, integrity, and availability violation , Allows unauthorized disclosure of information , Allows disruption of service Widely used but buggy and unsupported packages should not be included. Ref: http://security-tracker.debian.net/tracker/CVE-2007-5689 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=423062 http://security-tracker.debian.net/tracker/source-package/sun-java5 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
