Published: 19/10/2010 Updated: 10/10/2018

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update and 25 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow that leads to a buffer overflow via a crafted devs (device information) tag structure in a color profile.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sun jre 1.6.0
sun jre
sun jdk 1.6.0
sun jdk
sun jdk 1.5.0
sun jre 1.5.0

Synopsis Important: java-160-openjdk security and bug fix update Type/Severity Security Advisory: Important Topic Updated java-160-openjdk packages that fix several security issues andtwo bugs are now available for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as ha ...

Synopsis Critical: java-160-sun security update Type/Severity Security Advisory: Critical Topic Updated java-160-sun packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 4 Extras and 5 SupplementaryThe Red Hat Security Response Team has rated this update as having cri ...

Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user’s session USN-923-1 disabled SSL/TLS renegotiation by default; this update implements the TLS Renegotiati ...

MIT Kerberos contains a vulnerability that could allow an authenticated, remote attacker to cause a denial of service (DoS) condition The vulnerability is in the GSS-API acceptor component due to lack of pointer validation  An authenticated, remote attacker could exploit the vulnerability by making a crafted request to the affected componen ...

NVD-CWE-noinfo http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html http://www.securityfocus.com/bid/43988 http://support.avaya.com/css/P8/documents/100114315 http://www.redhat.com/support/errata/RHSA-2010-0770.html http://www.zerodayinitiative.com/advisories/ZDI-10-204/http://www.ubuntu.com/usn/USN-1010-1 http://secunia.com/advisories/41967 http://www.redhat.com/support/errata/RHSA-2010-0807.html http://secunia.com/advisories/41972 http://www.redhat.com/support/errata/RHSA-2010-0873.html http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html http://secunia.com/advisories/42377 http://www.vupen.com/english/advisories/2010/3086 http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://www.redhat.com/support/errata/RHSA-2010-0987.html http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 http://support.avaya.com/css/P8/documents/100123193 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://secunia.com/advisories/42974 http://www.vmware.com/security/advisories/VMSA-2011-0003.html http://www.redhat.com/support/errata/RHSA-2011-0880.html http://secunia.com/advisories/44954 http://security.gentoo.org/glsa/glsa-201406-32.xml http://marc.info/?l=bugtraq&m=134254866602253&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12225 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11560 http://www.securityfocus.com/archive/1/516397/100/0/threaded https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2010:0768 https://usn.ubuntu.com/1010-1/http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20100519-CVE-2010-1321

CVE-2010-3566

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect