Published: 19/10/2010 Updated: 30/10/2018

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote malicious users to execute arbitrary code by causing the defaultReadObject method in the Serialization API to set a volatile field multiple times.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sun jre 1.6.0
sun jre
sun jdk 1.6.0
sun jdk
sun jdk 1.5.0
sun sdk 1.4.2_1
sun sdk 1.4.2_10
sun sdk 1.4.2
sun sdk 1.4.2_02
sun sdk 1.4.2_15
sun sdk 1.4.2_16
sun sdk 1.4.2_7
sun sdk 1.4.2_8
sun sdk 1.4.2_25
sun sdk 1.4.2_26
sun sdk 1.4.2_17
sun sdk 1.4.2_18
sun sdk 1.4.2_9
sun sdk 1.4.2_20
sun sdk
sun sdk 1.4.2_11
sun sdk 1.4.2_12
sun sdk 1.4.2_19
sun sdk 1.4.2_3
sun sdk 1.4.2_4
sun sdk 1.4.2_21
sun sdk 1.4.2_22
sun sdk 1.4.2_13
sun sdk 1.4.2_14
sun sdk 1.4.2_5
sun sdk 1.4.2_6
sun sdk 1.4.2_23
sun sdk 1.4.2_24
sun jre 1.5.0
sun jre 1.4.2_2
sun jre 1.4.2_3
sun jre 1.4.2_4
sun jre 1.4.2_10
sun jre 1.4.2_11
sun jre 1.4.2_18
sun jre 1.4.2_19
sun jre 1.4.2_5
sun jre 1.4.2_6
sun jre 1.4.2_12
sun jre 1.4.2_13
sun jre 1.4.2_20
sun jre 1.4.2_21
sun jre 1.4.2_7
sun jre 1.4.2_8
sun jre 1.4.2_14
sun jre 1.4.2_15
sun jre 1.4.2_22
sun jre 1.4.2_23
sun jre 1.4.2
sun jre 1.4.2_1
sun jre 1.4.2_9
sun jre 1.4.2_16
sun jre 1.4.2_17
sun jre 1.4.2_24
sun jre 1.4.2_25
sun jre 1.4.2_26

Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user’s session USN-923-1 disabled SSL/TLS renegotiation by default; this update implements the TLS Renegotiati ...

Synopsis Important: java-160-openjdk security and bug fix update Type/Severity Security Advisory: Important Topic Updated java-160-openjdk packages that fix several security issues andtwo bugs are now available for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as ha ...

Synopsis Critical: java-142-ibm security update Type/Severity Security Advisory: Critical Topic Updated java-142-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4Extras, and Red Hat Enterprise Linux 5 SupplementaryThe Red Ha ...

Synopsis Critical: java-160-sun security update Type/Severity Security Advisory: Critical Topic Updated java-160-sun packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 4 Extras and 5 SupplementaryThe Red Hat Security Response Team has rated this update as having cri ...

MIT Kerberos contains a vulnerability that could allow an authenticated, remote attacker to cause a denial of service (DoS) condition The vulnerability is in the GSS-API acceptor component due to lack of pointer validation  An authenticated, remote attacker could exploit the vulnerability by making a crafted request to the affected componen ...

NVD-CWE-noinfo http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html http://www.vupen.com/english/advisories/2010/2745 https://bugzilla.redhat.com/show_bug.cgi?id=639925 http://support.avaya.com/css/P8/documents/100114327 http://support.avaya.com/css/P8/documents/100114315 http://www.redhat.com/support/errata/RHSA-2010-0770.html http://secunia.com/advisories/41972 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html http://www.redhat.com/support/errata/RHSA-2010-0807.html http://www.redhat.com/support/errata/RHSA-2010-0786.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html http://www.ubuntu.com/usn/USN-1010-1 http://secunia.com/advisories/41967 http://www.redhat.com/support/errata/RHSA-2010-0865.html http://www.redhat.com/support/errata/RHSA-2010-0768.html http://www.redhat.com/support/errata/RHSA-2010-0873.html http://www.redhat.com/support/errata/RHSA-2010-0986.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html http://www.redhat.com/support/errata/RHSA-2010-0987.html http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://support.avaya.com/css/P8/documents/100123193 http://secunia.com/advisories/42974 http://www.vmware.com/security/advisories/VMSA-2011-0003.html http://www.redhat.com/support/errata/RHSA-2011-0880.html http://secunia.com/advisories/44954 http://security.gentoo.org/glsa/glsa-201406-32.xml http://marc.info/?l=bugtraq&m=134254866602253&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12234 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12226 http://www.securityfocus.com/archive/1/516397/100/0/threaded https://nvd.nist.gov https://usn.ubuntu.com/1010-1/http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20100519-CVE-2010-1321

CVE-2010-3569

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect