Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2010-3559

Published: 19/10/2010 Updated: 30/10/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Sun

Vulnerability Summary

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this involves an incorrect sign extension in the HeadspaceSoundbank.nGetName function, which allows malicious users to execute arbitrary code via a crafted BANK record that leads to a buffer overflow.

Vulnerable Product Search on Vulmon Subscribe to Product

sun jre 1.6.0

sun jre

sun jdk 1.6.0

sun jdk

sun jdk 1.5.0

sun sdk 1.4.2

sun sdk 1.4.2_15

sun sdk 1.4.2_16

sun sdk 1.4.2_6

sun sdk 1.4.2_7

sun sdk 1.4.2_24

sun sdk 1.4.2_25

sun sdk 1.4.2_26

sun sdk 1.4.2_13

sun sdk 1.4.2_14

sun sdk 1.4.2_4

sun sdk 1.4.2_5

sun sdk 1.4.2_22

sun sdk 1.4.2_23

sun sdk 1.4.2_11

sun sdk 1.4.2_12

sun sdk 1.4.2_19

sun sdk 1.4.2_3

sun sdk 1.4.2_20

sun sdk 1.4.2_21

sun sdk 1.4.2_02

sun sdk 1.4.2_1

sun sdk 1.4.2_10

sun sdk 1.4.2_17

sun sdk 1.4.2_18

sun sdk 1.4.2_8

sun sdk 1.4.2_9

sun sdk

sun jre 1.5.0

sun jre 1.4.2_2

sun jre 1.4.2_3

sun jre 1.4.2_10

sun jre 1.4.2_18

sun jre 1.4.2_19

sun jre 1.4.2_26

sun jre 1.4.2

sun jre 1.4.2_1

sun jre 1.4.2_8

sun jre 1.4.2_9

sun jre 1.4.2_15

sun jre 1.4.2_16

sun jre 1.4.2_17

sun jre 1.4.2_24

sun jre 1.4.2_25

sun jre 1.4.2_6

sun jre 1.4.2_7

sun jre 1.4.2_13

sun jre 1.4.2_14

sun jre 1.4.2_22

sun jre 1.4.2_23

sun jre 1.4.2_4

sun jre 1.4.2_5

sun jre 1.4.2_11

sun jre 1.4.2_12

sun jre 1.4.2_20

sun jre 1.4.2_21

sun jdk 1.3.0_05

sun jdk 1.3.1

sun jdk 1.3.1_07

sun jdk 1.3.1_08

sun jdk 1.3.1_14

sun jdk 1.3.1_16

sun jdk 1.3.1_23

sun jdk 1.3.1_24

sun jdk 1.3.0_03

sun jdk 1.3.0_04

sun jdk 1.3.1_05

sun jdk 1.3.1_06

sun jdk 1.3.1_13

sun jdk 1.3.1_15

sun jdk 1.3.1_21

sun jdk 1.3.1_22

sun jdk 1.3.0_01

sun jdk 1.3.0_02

sun jdk 1.3.1_02

sun jdk 1.3.1_03

sun jdk 1.3.1_04

sun jdk 1.3.1_11

sun jdk 1.3.1_12

sun jdk 1.3.1_19

sun jdk 1.3.1_20

sun jdk 1.3.0

sun jdk 1.3.1_01

sun jdk 1.3.1_01a

sun jdk 1.3.1_09

sun jdk 1.3.1_10

sun jdk 1.3.1_17

sun jdk 1.3.1_18

sun jdk 1.3.1_25

sun jdk 1.3.1_26

sun jdk 1.3.1_27

sun jre 1.3.0

sun jre 1.3.1_04

sun jre 1.3.1_05

sun jre 1.3.1_12

sun jre 1.3.1_13

sun jre 1.3.1_14

sun jre 1.3.1_20

sun jre 1.3.1

sun jre 1.3.1_03

sun jre 1.3.1_10

sun jre 1.3.1_11

sun jre 1.3.1_19

sun jre 1.3.1_2

sun jre 1.3.1_26

sun jre 1.3.1_27

sun jre 1.3.1_21

sun jre 1.3.1_08

sun jre 1.3.1_09

sun jre 1.3.1_17

sun jre 1.3.1_18

sun jre 1.3.1_24

sun jre 1.3.1_25

sun jre 1.3.1_06

sun jre 1.3.1_07

sun jre 1.3.1_15

sun jre 1.3.1_16

sun jre 1.3.1_22

sun jre 1.3.1_23

sun sdk 1.3.0_04

sun sdk 1.3.0_05

sun sdk 1.3.1_06

sun sdk 1.3.1_07

sun sdk 1.3.1_14

sun sdk 1.3.1_15

sun sdk 1.3.1_22

sun sdk 1.3.1_23

sun sdk 1.3.1_24

sun sdk 1.3.1

sun sdk 1.3.1_01

sun sdk 1.3.1_01a

sun sdk 1.3.1_08

sun sdk 1.3.1_09

sun sdk 1.3.1_16

sun sdk 1.3.1_17

sun sdk 1.3.1_25

sun sdk 1.3.1_26

sun sdk 1.3.0_02

sun sdk 1.3.0_03

sun sdk 1.3.1_04

sun sdk 1.3.1_05

sun sdk 1.3.1_12

sun sdk 1.3.1_13

sun sdk 1.3.1_20

sun sdk 1.3.1_21

sun sdk 1.3.0

sun sdk 1.3.0_01

sun sdk 1.3.1_02

sun sdk 1.3.1_03

sun sdk 1.3.1_10

sun sdk 1.3.1_11

sun sdk 1.3.1_18

sun sdk 1.3.1_19

sun sdk 1.3.1_27

Vendor Advisories

Red Hat: Critical: java-1.6.0-sun security update
Synopsis Critical: java-160-sun security update Type/Severity Security Advisory: Critical Topic Updated java-160-sun packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 4 Extras and 5 SupplementaryThe Red Hat Security Response Team has rated this update as having cri ...
Cisco: MIT Kerberos GSS-API Library Remote Denial of Service Vulnerability
MIT Kerberos contains a vulnerability that could allow an authenticated, remote attacker to cause a denial of service (DoS) condition The vulnerability is in the GSS-API acceptor component due to lack of pointer validation  An authenticated, remote attacker could exploit the vulnerability by making a crafted request to the affected componen ...

References

NVD-CWE-noinfohttp://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.htmlhttp://support.avaya.com/css/P8/documents/100114315http://www.redhat.com/support/errata/RHSA-2010-0770.htmlhttp://www.redhat.com/support/errata/RHSA-2010-0807.htmlhttp://secunia.com/advisories/41967http://www.redhat.com/support/errata/RHSA-2010-0873.htmlhttp://www.securityfocus.com/bid/44026http://www.zerodayinitiative.com/advisories/ZDI-10-208/http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.htmlhttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.htmlhttp://support.avaya.com/css/P8/documents/100123193http://secunia.com/advisories/42974http://www.vmware.com/security/advisories/VMSA-2011-0003.htmlhttp://marc.info/?l=bugtraq&m=134254866602253&w=2https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12556https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11880http://www.securityfocus.com/archive/1/516397/100/0/threadedhttps://access.redhat.com/errata/RHSA-2010:0770https://nvd.nist.govhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20100519-CVE-2010-1321
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975CVE-2024-2961CVE-2024-20380XML injectionHTML injectionCVE-2024-29204CVE-2023-51795memory leakCVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook