Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2010-3548

Summary
Assigner-oracle
Assigner Org ID-43595867-4340-4103-b7a2-9a5208d29a85
Published At-19 Oct, 2010 | 21:00
Updated At-07 Aug, 2024 | 03:11
Rejected At-
Credits

Unspecified vulnerability in the Java Naming and Directory Interface (JNDI) component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to determine internal IP addresses or "otherwise-protected internal network names."

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:oracle
Assigner Org ID:43595867-4340-4103-b7a2-9a5208d29a85
Published At:19 Oct, 2010 | 21:00
Updated At:07 Aug, 2024 | 03:11
Rejected At:
▼CVE Numbering Authority (CNA)

Unspecified vulnerability in the Java Naming and Directory Interface (JNDI) component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to determine internal IP addresses or "otherwise-protected internal network names."

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://support.avaya.com/css/P8/documents/100114327
x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2010-0865.html
vendor-advisory
x_refsource_REDHAT
http://support.avaya.com/css/P8/documents/100114315
x_refsource_CONFIRM
http://security.gentoo.org/glsa/glsa-201406-32.xml
vendor-advisory
x_refsource_GENTOO
http://marc.info/?l=bugtraq&m=134254866602253&w=2
vendor-advisory
x_refsource_HP
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html
vendor-advisory
x_refsource_SUSE
http://www.redhat.com/support/errata/RHSA-2010-0770.html
vendor-advisory
x_refsource_REDHAT
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748
vendor-advisory
x_refsource_HP
http://www.redhat.com/support/errata/RHSA-2010-0768.html
vendor-advisory
x_refsource_REDHAT
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html
vendor-advisory
x_refsource_FEDORA
http://www.ubuntu.com/usn/USN-1010-1
vendor-advisory
x_refsource_UBUNTU
http://www.redhat.com/support/errata/RHSA-2010-0987.html
vendor-advisory
x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2010-0986.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/44954
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2011-0880.html
vendor-advisory
x_refsource_REDHAT
http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2010-0873.html
vendor-advisory
x_refsource_REDHAT
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html
x_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
x_refsource_CONFIRM
http://secunia.com/advisories/42974
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/41972
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2010/3086
vdb-entry
x_refsource_VUPEN
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748
vendor-advisory
x_refsource_HP
http://support.avaya.com/css/P8/documents/100123193
x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2010-0786.html
vendor-advisory
x_refsource_REDHAT
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14475
vdb-entry
signature
x_refsource_OVAL
http://secunia.com/advisories/42377
third-party-advisory
x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
vendor-advisory
x_refsource_SUSE
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
x_refsource_CONFIRM
http://www.securityfocus.com/bid/44017
vdb-entry
x_refsource_BID
https://bugzilla.redhat.com/show_bug.cgi?id=639909
x_refsource_CONFIRM
http://www.securityfocus.com/archive/1/516397/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://secunia.com/advisories/41967
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2010-0807.html
vendor-advisory
x_refsource_REDHAT
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html
vendor-advisory
x_refsource_FEDORA
http://www.vupen.com/english/advisories/2010/2745
vdb-entry
x_refsource_VUPEN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12426
vdb-entry
signature
x_refsource_OVAL
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://support.avaya.com/css/P8/documents/100114327
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0865.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://support.avaya.com/css/P8/documents/100114315
Resource:
x_refsource_CONFIRM
Hyperlink: http://security.gentoo.org/glsa/glsa-201406-32.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://marc.info/?l=bugtraq&m=134254866602253&w=2
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0770.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0768.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.ubuntu.com/usn/USN-1010-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0987.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0986.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/44954
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0880.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0873.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.vmware.com/security/advisories/VMSA-2011-0003.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/42974
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/41972
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2010/3086
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://support.avaya.com/css/P8/documents/100123193
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0786.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14475
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://secunia.com/advisories/42377
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/44017
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=639909
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/archive/1/516397/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://secunia.com/advisories/41967
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0807.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.vupen.com/english/advisories/2010/2745
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12426
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html
Resource:
vendor-advisory
x_refsource_FEDORA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://support.avaya.com/css/P8/documents/100114327
x_refsource_CONFIRM
x_transferred
http://www.redhat.com/support/errata/RHSA-2010-0865.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://support.avaya.com/css/P8/documents/100114315
x_refsource_CONFIRM
x_transferred
http://security.gentoo.org/glsa/glsa-201406-32.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://marc.info/?l=bugtraq&m=134254866602253&w=2
vendor-advisory
x_refsource_HP
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.redhat.com/support/errata/RHSA-2010-0770.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748
vendor-advisory
x_refsource_HP
x_transferred
http://www.redhat.com/support/errata/RHSA-2010-0768.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.ubuntu.com/usn/USN-1010-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://www.redhat.com/support/errata/RHSA-2010-0987.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.redhat.com/support/errata/RHSA-2010-0986.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/44954
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2011-0880.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
x_refsource_CONFIRM
x_transferred
http://www.redhat.com/support/errata/RHSA-2010-0873.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html
x_refsource_CONFIRM
x_transferred
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/42974
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/41972
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2010/3086
vdb-entry
x_refsource_VUPEN
x_transferred
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748
vendor-advisory
x_refsource_HP
x_transferred
http://support.avaya.com/css/P8/documents/100123193
x_refsource_CONFIRM
x_transferred
http://www.redhat.com/support/errata/RHSA-2010-0786.html
vendor-advisory
x_refsource_REDHAT
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14475
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://secunia.com/advisories/42377
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/44017
vdb-entry
x_refsource_BID
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=639909
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/archive/1/516397/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://secunia.com/advisories/41967
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2010-0807.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.vupen.com/english/advisories/2010/2745
vdb-entry
x_refsource_VUPEN
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12426
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://support.avaya.com/css/P8/documents/100114327
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0865.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://support.avaya.com/css/P8/documents/100114315
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-201406-32.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=134254866602253&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0770.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0768.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-1010-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0987.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0986.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/44954
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0880.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0873.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.vmware.com/security/advisories/VMSA-2011-0003.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/42974
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/41972
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/3086
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://support.avaya.com/css/P8/documents/100123193
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0786.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14475
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://secunia.com/advisories/42377
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/44017
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=639909
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/516397/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://secunia.com/advisories/41967
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0807.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/2745
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12426
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert_us@oracle.com
Published At:19 Oct, 2010 | 22:00
Updated At:11 Apr, 2025 | 00:51

Unspecified vulnerability in the Java Naming and Directory Interface (JNDI) component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to determine internal IP addresses or "otherwise-protected internal network names."

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N
CPE Matches
Sun Microsystems (Oracle Corporation)
sun
>>jre>>Versions up to 1.6.0(inclusive)
cpe:2.3:a:sun:jre:*:update_21:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jre>>1.6.0
cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jre>>1.6.0
cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jre>>1.6.0
cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jre>>1.6.0
cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jre>>1.6.0
cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jre>>1.6.0
cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jre>>1.6.0
cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jre>>1.6.0
cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jre>>1.6.0
cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jre>>1.6.0
cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jre>>1.6.0
cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jre>>1.6.0
cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jre>>1.6.0
cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jre>>1.6.0
cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jre>>1.6.0
cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jre>>1.6.0
cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jre>>1.6.0
cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jre>>1.6.0
cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jre>>1.6.0
cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>Versions up to 1.6.0(inclusive)
cpe:2.3:a:sun:jdk:*:update_21:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.6.0
cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.6.0
cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.6.0
cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.6.0
cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.6.0
cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.6.0
cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.6.0
cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.6.0
cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.6.0
cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.6.0
cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.6.0
cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.6.0
cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.6.0
cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.6.0
cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.6.0
cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.6.0
cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.6.0
cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.6.0
cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.6.0
cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.6.0
cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>Versions up to 1.5.0(inclusive)
cpe:2.3:a:sun:jdk:*:update25:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.5.0
cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.5.0
cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.5.0
cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.5.0
cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.5.0
cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.5.0
cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.5.0
cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>jdk>>1.5.0
cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Per: http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html 'May be vulnerable only through untrusted Java Web Start applications and Java applets.'
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748secalert_us@oracle.com
N/A
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748secalert_us@oracle.com
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.htmlsecalert_us@oracle.com
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.htmlsecalert_us@oracle.com
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.htmlsecalert_us@oracle.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.htmlsecalert_us@oracle.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.htmlsecalert_us@oracle.com
N/A
http://marc.info/?l=bugtraq&m=134254866602253&w=2secalert_us@oracle.com
N/A
http://secunia.com/advisories/41967secalert_us@oracle.com
N/A
http://secunia.com/advisories/41972secalert_us@oracle.com
N/A
http://secunia.com/advisories/42377secalert_us@oracle.com
N/A
http://secunia.com/advisories/42974secalert_us@oracle.com
N/A
http://secunia.com/advisories/44954secalert_us@oracle.com
N/A
http://security.gentoo.org/glsa/glsa-201406-32.xmlsecalert_us@oracle.com
N/A
http://support.avaya.com/css/P8/documents/100114315secalert_us@oracle.com
N/A
http://support.avaya.com/css/P8/documents/100114327secalert_us@oracle.com
N/A
http://support.avaya.com/css/P8/documents/100123193secalert_us@oracle.com
N/A
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.htmlsecalert_us@oracle.com
N/A
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.htmlsecalert_us@oracle.com
N/A
http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.htmlsecalert_us@oracle.com
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2010-0768.htmlsecalert_us@oracle.com
N/A
http://www.redhat.com/support/errata/RHSA-2010-0770.htmlsecalert_us@oracle.com
N/A
http://www.redhat.com/support/errata/RHSA-2010-0786.htmlsecalert_us@oracle.com
N/A
http://www.redhat.com/support/errata/RHSA-2010-0807.htmlsecalert_us@oracle.com
N/A
http://www.redhat.com/support/errata/RHSA-2010-0865.htmlsecalert_us@oracle.com
N/A
http://www.redhat.com/support/errata/RHSA-2010-0873.htmlsecalert_us@oracle.com
N/A
http://www.redhat.com/support/errata/RHSA-2010-0986.htmlsecalert_us@oracle.com
N/A
http://www.redhat.com/support/errata/RHSA-2010-0987.htmlsecalert_us@oracle.com
N/A
http://www.redhat.com/support/errata/RHSA-2011-0880.htmlsecalert_us@oracle.com
N/A
http://www.securityfocus.com/archive/1/516397/100/0/threadedsecalert_us@oracle.com
N/A
http://www.securityfocus.com/bid/44017secalert_us@oracle.com
N/A
http://www.ubuntu.com/usn/USN-1010-1secalert_us@oracle.com
N/A
http://www.vmware.com/security/advisories/VMSA-2011-0003.htmlsecalert_us@oracle.com
N/A
http://www.vupen.com/english/advisories/2010/2745secalert_us@oracle.com
N/A
http://www.vupen.com/english/advisories/2010/3086secalert_us@oracle.com
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=639909secalert_us@oracle.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12426secalert_us@oracle.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14475secalert_us@oracle.com
N/A
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748af854a3a-2127-422b-91ae-364da2661108
N/A
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748af854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=134254866602253&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/41967af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/41972af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/42377af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/42974af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/44954af854a3a-2127-422b-91ae-364da2661108
N/A
http://security.gentoo.org/glsa/glsa-201406-32.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://support.avaya.com/css/P8/documents/100114315af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.avaya.com/css/P8/documents/100114327af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.avaya.com/css/P8/documents/100123193af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2010-0768.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2010-0770.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2010-0786.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2010-0807.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2010-0865.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2010-0873.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2010-0986.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2010-0987.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2011-0880.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/516397/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/44017af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-1010-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vmware.com/security/advisories/VMSA-2011-0003.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2010/2745af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2010/3086af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=639909af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12426af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14475af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=134254866602253&w=2
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/41967
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/41972
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/42377
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/42974
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/44954
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-201406-32.xml
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://support.avaya.com/css/P8/documents/100114315
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://support.avaya.com/css/P8/documents/100114327
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://support.avaya.com/css/P8/documents/100123193
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
Source: secalert_us@oracle.com
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0768.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0770.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0786.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0807.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0865.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0873.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0986.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0987.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0880.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/516397/100/0/threaded
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/44017
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-1010-1
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.vmware.com/security/advisories/VMSA-2011-0003.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2010/2745
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2010/3086
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=639909
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12426
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14475
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=134254866602253&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/41967
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/41972
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/42377
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/42974
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/44954
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-201406-32.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.avaya.com/css/P8/documents/100114315
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.avaya.com/css/P8/documents/100114327
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.avaya.com/css/P8/documents/100123193
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0768.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0770.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0786.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0807.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0865.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0873.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0986.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0987.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0880.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/516397/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/44017
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-1010-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vmware.com/security/advisories/VMSA-2011-0003.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2010/2745
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2010/3086
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=639909
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12426
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14475
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

91Records found
CVE-2011-0869
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-3.82% / 87.67%
||
7 Day CHG~0.00%
Published-14 Jun, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 26 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to SAAJ.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2011-0867
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-3.82% / 87.67%
||
7 Day CHG~0.00%
Published-14 Jun, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2010-4466
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-2.29% / 84.07%
||
7 Day CHG~0.00%
Published-17 Feb, 2011 | 18:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Windows, Solaris, and, Linux; 5.0 Update 27 and earlier for Windows; and 1.4.2_29 and earlier for Windows allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Deployment.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sdkjdkjren/a
CVE-2010-3551
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-3.29% / 86.69%
||
7 Day CHG~0.00%
Published-19 Oct, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sdkjdkjren/a
CVE-2001-0633
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.42% / 60.89%
||
7 Day CHG~0.00%
Published-27 Jul, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in Sun Chili!Soft ASP on multiple Unixes allows a remote attacker to read arbitrary files above the web root via a '..' (dot dot) attack in the sample script 'codebrws.asp'.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-chilisoftn/a
CVE-2000-0958
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.63% / 87.37%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HotJava Browser 3.0 allows remote attackers to access the DOM of a web page by opening a javascript: URL in a named window.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-hotjava_browsern/a
CVE-2011-0868
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-5.54% / 89.90%
||
7 Day CHG~0.00%
Published-14 Jun, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2000-0174
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.62% / 87.36%
||
7 Day CHG~0.00%
Published-12 Jul, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-starofficen/a
CVE-2009-3884
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-1.35% / 79.32%
||
7 Day CHG~0.00%
Published-09 Nov, 2009 | 19:00
Updated-07 Aug, 2024 | 06:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local files via vectors related to handling of zoneinfo (aka tz) files, aka Bug Id 6824265.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jreopenjdkn/a
CVE-2009-2671
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-6.12% / 90.43%
||
7 Day CHG~0.00%
Published-05 Aug, 2009 | 19:00
Updated-07 Aug, 2024 | 05:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2009-2690
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-4.37% / 88.52%
||
7 Day CHG~0.00%
Published-10 Aug, 2009 | 18:00
Updated-07 Aug, 2024 | 05:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted (1) applet or (2) application.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-java_seopenjdkn/a
CWE ID-CWE-264
Not Available
CVE-2009-2670
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.65% / 87.40%
||
7 Day CHG~0.00%
Published-05 Aug, 2009 | 19:00
Updated-07 Aug, 2024 | 05:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by (1) untrusted applets and (2) Java Web Start applications, which allows context-dependent attackers to obtain sensitive information by reading these properties.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CWE ID-CWE-264
Not Available
CVE-2009-3880
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-0.48% / 64.30%
||
7 Day CHG~0.00%
Published-09 Nov, 2009 | 19:00
Updated-07 Aug, 2024 | 06:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not properly restrict the objects that may be sent to loggers, which allows attackers to obtain sensitive information via vectors related to the implementation of Component, KeyboardFocusManager, and DefaultKeyboardFocusManager, aka Bug Id 6664512.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jreopenjdkn/a
CWE ID-CWE-264
Not Available
CVE-2009-1075
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.57% / 67.78%
||
7 Day CHG~0.00%
Published-25 Mar, 2009 | 15:00
Updated-17 Sep, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sun Java System Identity Manager (IdM) 7.0 through 8.0 responds differently to failed use of the Forgot Password feature depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-java_system_identity_managern/a
CWE ID-CWE-255
Not Available
CVE-2009-1332
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.42% / 60.91%
||
7 Day CHG~0.00%
Published-17 Apr, 2009 | 14:00
Updated-07 Aug, 2024 | 05:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Online Help feature in Sun Java System Directory Server 5.2 and Enterprise Edition 5 allows remote attackers to determine the existence of files and directories, and possibly obtain partial contents of files, via unspecified vectors.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-java_system_directory_servern/a
CVE-2009-1076
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.69% / 70.80%
||
7 Day CHG~0.00%
Published-25 Mar, 2009 | 15:00
Updated-16 Sep, 2024 | 22:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sun Java System Identity Manager (IdM) 7.0 through 8.0 responds differently to failed use of the end-user question-based login feature depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-java_system_identity_managern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2009-1074
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.65% / 69.89%
||
7 Day CHG~0.00%
Published-25 Mar, 2009 | 15:00
Updated-16 Sep, 2024 | 23:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not use SSL in all expected circumstances, which makes it easier for remote attackers to obtain sensitive information by sniffing the network, related to "ssl termination devices" and lack of support for relative URLs.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-java_system_identity_managern/a
CWE ID-CWE-310
Not Available
CVE-2009-0046
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.09% / 25.99%
||
7 Day CHG~0.00%
Published-07 Jan, 2009 | 18:00
Updated-07 Aug, 2024 | 04:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sun GridEngine 5.3 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-grid_enginen/a
CWE ID-CWE-287
Improper Authentication
CVE-2010-0084
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-1.94% / 82.68%
||
7 Day CHG~0.00%
Published-01 Apr, 2010 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0091.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sdkjdkjren/a
CVE-2009-0278
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.47% / 63.49%
||
7 Day CHG~0.00%
Published-27 Jan, 2009 | 02:00
Updated-07 Aug, 2024 | 04:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sun Java System Application Server (AS) 8.1 and 8.2 allows remote attackers to read the Web Application configuration files in the (1) WEB-INF or (2) META-INF directory via a malformed request.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-java_system_application_servern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2009-0348
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-8.47% / 92.00%
||
7 Day CHG~0.00%
Published-29 Jan, 2009 | 19:00
Updated-07 Aug, 2024 | 04:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The login module in Sun Java System Access Manager 6 2005Q1 (aka 6.3), 7 2005Q4 (aka 7.0), and 7.1 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-java_system_access_managern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2015-0375
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-1.17% / 77.77%
||
7 Day CHG~0.00%
Published-21 Jan, 2015 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect confidentiality via unknown vectors related to Network.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sunosn/a
CVE-2008-5341
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.13% / 77.46%
||
7 Day CHG~0.00%
Published-05 Dec, 2008 | 11:00
Updated-07 Aug, 2024 | 10:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted JWS applications to obtain the pathname of the JWS cache and the application username via unknown vectors, aka CR 6727071.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjresdkn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2008-5342
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.13% / 77.46%
||
7 Day CHG~0.00%
Published-05 Dec, 2008 | 11:00
Updated-07 Aug, 2024 | 10:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the BasicService for Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted downloaded applications to cause local files to be displayed in the browser of the user of the untrusted application via unknown vectors, aka 6767668.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjresdkn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2008-5350
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.67% / 81.36%
||
7 Day CHG~0.00%
Published-05 Dec, 2008 | 11:00
Updated-07 Aug, 2024 | 10:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted applications and applets to list the contents of the operating user's directory via unknown vectors.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjresdkn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2008-5549
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.46% / 63.33%
||
7 Day CHG~0.00%
Published-12 Dec, 2008 | 18:13
Updated-07 Aug, 2024 | 10:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Sun Java Web Console components in Sun Java System Portal Server 7.1 and 7.2 allows remote attackers to access local files and read the product's configuration information via unknown vectors related to "access to secure files by ThemeServlet."

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-java_system_portal_servern/a
CWE ID-CWE-264
Not Available
CVE-2008-2120
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.64% / 69.59%
||
7 Day CHG~0.00%
Published-09 May, 2008 | 15:00
Updated-07 Aug, 2024 | 08:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Sun Java System Application Server 7 2004Q2 before Update 6, Web Server 6.1 before SP8, and Web Server 7.0 before Update 1 allows remote attackers to obtain source code of JSP files via unknown vectors.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-java_system_web_serverjava_system_application_servern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2013-5778
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-2.11% / 83.41%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2008-3114
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.33% / 86.78%
||
7 Day CHG~0.00%
Published-09 Jul, 2008 | 23:00
Updated-07 Aug, 2024 | 09:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjresdkn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2013-2437
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-3.85% / 87.74%
||
7 Day CHG~0.00%
Published-18 Jun, 2013 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2013-2447
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-3.85% / 87.74%
||
7 Day CHG~0.00%
Published-18 Jun, 2013 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to obtain a socket's local address via vectors involving inconsistencies between Socket.getLocalAddress and InetAddress.getLocalHost.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2013-2446
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-3.48% / 87.12%
||
7 Day CHG~0.00%
Published-18 Jun, 2013 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly enforce access restrictions for CORBA output streams.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2013-2412
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-3.81% / 87.65%
||
7 Day CHG~0.00%
Published-18 Jun, 2013 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serviceability. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient indication of an SSL connection failure by JConsole, related to RMI connection dialog box.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2008-2402
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.39% / 59.28%
||
7 Day CHG~0.00%
Published-04 Jun, 2008 | 20:00
Updated-07 Aug, 2024 | 08:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Admin Server in Sun Java Active Server Pages (ASP) Server before 4.0.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read password hashes and configuration data via direct requests for unspecified documents.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-java_asp_servern/a
CWE ID-CWE-264
Not Available
CVE-2013-0435
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-0.91% / 74.96%
||
7 Day CHG~0.00%
Published-02 Feb, 2013 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper restriction of com.sun.xml.internal packages and "Better handling of UI elements."

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2012-5075
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-2.07% / 83.22%
||
7 Day CHG~0.00%
Published-16 Oct, 2012 | 21:29
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2012-5072
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-2.07% / 83.22%
||
7 Day CHG~0.00%
Published-16 Oct, 2012 | 21:29
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality via unknown vectors related to Security.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2012-0769
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5||MEDIUM
EPSS-1.95% / 82.71%
||
7 Day CHG~0.00%
Published-05 Mar, 2012 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x does not properly handle integers, which allows attackers to obtain sensitive information via unspecified vectors.

Action-Not Available
Vendor-n/aMicrosoft CorporationLinux Kernel Organization, IncGoogle LLCSun Microsystems (Oracle Corporation)Apple Inc.Adobe Inc.
Product-linux_kernelwindowsandroidflash_playermac_os_xsunosflash_player_for_androidn/a
CVE-2014-4277
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-0.39% / 59.13%
||
7 Day CHG~0.00%
Published-15 Oct, 2014 | 15:15
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality via unknown vectors related to Automated Install Engine, a different vulnerability than CVE-2014-4283.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sunosn/a
CVE-2007-3224
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.74% / 71.98%
||
7 Day CHG+0.05%
Published-14 Jun, 2007 | 23:00
Updated-07 Aug, 2024 | 14:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Sun ONE/Java System Directory Server (slapd) 6.0, and 5.x before 5.2 Patch 5, allows remote attackers to determine the existence of attributes of an entry via unspecified vectors.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-one_directory_serverjava_system_directory_servern/a
CVE-2007-1913
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.64% / 69.64%
||
7 Day CHG~0.00%
Published-10 Apr, 2007 | 23:00
Updated-07 Aug, 2024 | 13:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to verify the existence of users and groups on systems and domains via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

Action-Not Available
Vendor-n/aMicrosoft CorporationSAP SEApple Inc.Siemens AGSun Microsystems (Oracle Corporation)IBM CorporationLinux Kernel Organization, IncHP Inc.
Product-os_400windows_serversolarislinux_kernelracfhp-uxtru64reliant_unixmacosrfc_libraryaixn/a
CVE-2000-0234
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.86% / 87.76%
||
7 Day CHG~0.00%
Published-02 Jun, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The default configuration of Cobalt RaQ2 and RaQ3 as specified in access.conf allows remote attackers to view sensitive contents of a .htaccess file.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-cobalt_raq_3icobalt_raq_2n/a
CVE-2007-0114
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.77% / 72.55%
||
7 Day CHG+0.03%
Published-09 Jan, 2007 | 00:00
Updated-07 Aug, 2024 | 12:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sun Java System Content Delivery Server 5.0 and 5.0 PU1 allows remote attackers to obtain sensitive information regarding "content details" via unspecified vectors.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-java_system_content_delivery_servern/a
CVE-2013-2456
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-3.44% / 87.03%
||
7 Day CHG~0.00%
Published-18 Jun, 2013 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper access checks for subclasses in the ObjectOutputStream class.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2006-6009
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.42% / 60.91%
||
7 Day CHG~0.00%
Published-21 Nov, 2006 | 23:00
Updated-07 Aug, 2024 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) Swing library in JDK and JRE 5.0 Update 7 and earlier allows attackers to obtain certain information via unknown attack vectors, related to an untrusted applet accessing data in other applets.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2006-4959
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.55% / 67.03%
||
7 Day CHG~0.00%
Published-23 Sep, 2006 | 10:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows remote attackers to obtain sensitive information, including hostnames, versions, and settings details, via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-secure_global_desktopn/a
CVE-2006-4353
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.81% / 73.34%
||
7 Day CHG~0.00%
Published-25 Aug, 2006 | 10:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Sun Java System Content Delivery Server 4.0, 4.1, and 5.0 allows local and remote attackers to read data from arbitrary files via unspecified vectors.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-java_system_content_delivery_servern/a
CVE-2005-1753
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.35% / 56.53%
||
7 Day CHG~0.00%
Published-21 May, 2006 | 16:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ReadMessage.jsp in JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to view other users' e-mail attachments via a direct request to /mailboxesdir/username@domainname. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-javamailn/a
CVE-2005-4804
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.71% / 71.29%
||
7 Day CHG~0.00%
Published-25 May, 2006 | 10:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Sun Java System Application Server Platform Edition and Enterprise Edition 8.1 2005 Q1, and Platform Edition UR1, allows remote attackers to read .jar files via unknown vectors related to deployed web applications.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-java_system_application_servern/a
CVE-2005-4805
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.52% / 65.85%
||
7 Day CHG~0.00%
Published-25 May, 2006 | 10:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Sun Java System Application Server 7 Standard and Platform Edition 6 and earlier, and 2004Q2 Standard and Platform Edition Update 2 and earlier, allows remote attackers to obtain the source code for Java Server pages (JSP) via unknown vectors.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-java_system_application_servern/a
  • Previous
  • 1
  • 2
  • Next
Details not found