Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.4
CVSSv2

CVE-2010-3564

Published: 14/10/2010 Updated: 19/09/2017
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
VMScore: 570
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Subscribe to Sun Products Suite

Vulnerability Summary

Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 7.0 allows remote malicious users to affect confidentiality and integrity via unknown vectors related to Webmail. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that the Kerberos implementation does not properly check AP-REQ requests, which allows malicious users to cause a denial of service in the JVM. NOTE: CVE has not investigated the apparent discrepancy between the two vendors regarding the consequences of this issue.

Vulnerable Product Search on Vulmon Subscribe to Product

oracle sun products suite 7.0

Vendor Advisories

Red Hat: Important: java-1.6.0-openjdk security and bug fix update
Synopsis Important: java-160-openjdk security and bug fix update Type/Severity Security Advisory: Important Topic Updated java-160-openjdk packages that fix several security issues andtwo bugs are now available for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as ha ...
Ubuntu Security Notice: openjdk-6, openjdk-6b18 vulnerabilities
Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user’s session USN-923-1 disabled SSL/TLS renegotiation by default; this update implements the TLS Renegotiati ...

References

NVD-CWE-noinfohttp://www.securityfocus.com/bid/43963http://support.avaya.com/css/P8/documents/100114327http://secunia.com/advisories/41972http://www.ubuntu.com/usn/USN-1010-1http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.htmlhttp://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.htmlhttp://www.us-cert.gov/cas/techalerts/TA10-287A.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.htmlhttp://www.redhat.com/support/errata/RHSA-2010-0768.htmlhttp://www.redhat.com/support/errata/RHSA-2010-0865.htmlhttp://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.htmlhttp://secunia.com/advisories/42377http://www.vupen.com/english/advisories/2010/3086http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748http://support.avaya.com/css/P8/documents/100123193http://security.gentoo.org/glsa/glsa-201406-32.xmlhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12398https://access.redhat.com/errata/RHSA-2010:0768https://nvd.nist.govhttps://usn.ubuntu.com/1010-1/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886insecure direct object referenceCVE-2024-34342file inclusionCVE-2024-34562CVE-2024-34347CVE-2024-26026CVE-2024-4647unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook