CVE-2010-3555JDK vulnerability

CWE-3996 documents6 sources
Severity
9.3CRITICALNVD
EPSS
13.3%
top 5.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SUN JDKSUN JRE
Timeline
PublishedOct 19
Latest updateMay 17

Description

Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that the ActiveX Plugin does not properly initialize an object field that is used as a window handle, which allows attackers to execute arbitrary co

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDsun/jdk1.6.0+1
NVDsun/jre1.6.0+1

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
GHSA
GHSA-f2gj-f7q5-jjg4: Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidenti2022-05-17
CVEList
CVE-2010-3555: Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidenti2010-10-19

📋Vendor Advisories

2
Red Hat
JDK unspecified vulnerability in Deployment component2010-10-12
Cisco
MIT Kerberos GSS-API Library Remote Denial of Service Vulnerability2010-05-19

💬Community

1
Bugzilla
CVE-2010-3555 JDK unspecified vulnerability in Deployment component2010-10-13
CVE-2010-3555 — SUN JDK vulnerability | cvebase