CVE-2010-3564

6 documents6 sources
Severity
6.4MEDIUM
EPSS
8.2%
top 7.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Oracle SUN Products Suite
Timeline
PublishedOct 14
Latest updateMay 17

Description

Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that the Kerberos implementation does not properly check AP-REQ requests, which allows attackers to cause

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-vgp7-8r7h-qwg6: Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 72022-05-17
CVEList
CVE-2010-3564: Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 72010-10-14

📋Vendor Advisories

2
Ubuntu
OpenJDK vulnerabilities2010-10-28
Red Hat
OpenJDK kerberos vulnerability (6958060)2010-10-12

💬Community

1
Bugzilla
CVE-2010-3564 OpenJDK kerberos vulnerability (6958060)2010-10-04
CVE-2010-3564 (MEDIUM CVSS 6.4) | Unspecified vulnerability in the Or | cvebase.io