CVE-2010-4450

Published: 17/02/2011 Updated: 30/10/2018

CVSS v2 Base Score: 3.7 | Impact Score: 6.4 | Exploitability Score: 1.9

VMScore: 329

Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and previous versions for Solaris and Linux; 5.0 Update 27 and previous versions for Solaris and Linux; and 1.4.2_29 and previous versions for Solaris and Linux allows local standalone applications to affect confidentiality, integrity, and availability via unknown vectors related to Launcher. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is an untrusted search path vulnerability involving an empty LD_LIBRARY_PATH environment variable.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sun jre 1.6.0
sun jre
sun jdk 1.6.0
sun jdk
sun jdk 1.5.0
sun sdk 1.4.2 19
sun sdk 1.4.2
sun sdk
sun sdk 1.4.2 26
sun sdk 1.4.2 10
sun sdk 1.4.2 12
sun sdk 1.4.2 17
sun sdk 1.4.2 14
sun sdk 1.4.2 21
sun sdk 1.4.2 13
sun sdk 1.4.2 6
sun sdk 1.4.2 23
sun sdk 1.4.2 5
sun sdk 1.4.2 1
sun sdk 1.4.2 18
sun sdk 1.4.2 4
sun sdk 1.4.2 22
sun sdk 1.4.2 28
sun sdk 1.4.2 7
sun sdk 1.4.2 8
sun sdk 1.4.2 25
sun sdk 1.4.2 27
sun sdk 1.4.2 02
sun sdk 1.4.2 16
sun sdk 1.4.2 11
sun sdk 1.4.2 9
sun sdk 1.4.2 20
sun sdk 1.4.2 3
sun sdk 1.4.2 24
sun sdk 1.4.2 15
sun jre 1.5.0
sun jre 1.4.2 26
sun jre 1.4.2 7
sun jre 1.4.2 27
sun jre 1.4.2 16
sun jre 1.4.2 24
sun jre 1.4.2 4
sun jre 1.4.2 2
sun jre 1.4.2 19
sun jre 1.4.2 25
sun jre 1.4.2 15
sun jre 1.4.2 13
sun jre 1.4.2 1
sun jre 1.4.2 8
sun jre 1.4.2 12
sun jre 1.4.2 18
sun jre 1.4.2 22
sun jre 1.4.2 28
sun jre 1.4.2 14
sun jre 1.4.2 10
sun jre 1.4.2 17
sun jre 1.4.2 9
sun jre 1.4.2
sun jre 1.4.2 21
sun jre 1.4.2 11
sun jre 1.4.2 23
sun jre 1.4.2 3
sun jre 1.4.2 20
sun jre 1.4.2 5
sun jre 1.4.2 6

Several security vulnerabilities were discovered in OpenJDK, an implementation of the Java platform CVE-2010-4351 The JNLP SecurityManager returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creati ...

OpenJDK 6 Vulnerabilities (armel packages only) ...

OpenJDK 6 vulnerabilities in Ubuntu 1010 for armel (ARM) architecture ...

It was discovered that untrusted Java applets could create domain name resolution cache entries, allowing an attacker to manipulate name resolution within the JVM (CVE-2010-4448) ...

NVD-CWE-noinfo http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html http://secunia.com/advisories/43350 http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html http://dbhole.wordpress.com/2011/02/15/icedtea-web-1-0-1-released/http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html http://www.securityfocus.com/bid/46397 http://www.redhat.com/support/errata/RHSA-2011-0281.html http://www.redhat.com/support/errata/RHSA-2011-0282.html http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html http://www.debian.org/security/2011/dsa-2224 http://www.mandriva.com/security/advisories?name=MDVSA-2011:054 http://security.gentoo.org/glsa/glsa-201406-32.xml http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html http://marc.info/?l=bugtraq&m=134254957702612&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/65406 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14135 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12420 http://marc.info/?l=bugtraq&m=134254866602253&w=2 https://nvd.nist.gov https://www.debian.org/security/./dsa-2224 https://usn.ubuntu.com/1079-2/

CVE-2010-4450

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect