CVSS: 10.0EPSS: 2%CPEs: 257EXPL: 0CVE-2010-3556 – JDK unspecified vulnerability in 2D component
https://notcve.org/view.php?id=CVE-2010-3556
19 Oct 2010 — Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente 2D para Oracle Java SE y Java for Business v6 Update 21, v5.0 Update 24, v1.4.2_27 y v1.3.1_28 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 •
CVSS: 7.5EPSS: 0%CPEs: 149EXPL: 0CVE-2010-3551 – OpenJDK local network address disclosure (6952603)
https://notcve.org/view.php?id=CVE-2010-3551
19 Oct 2010 — Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors. Vulnerabilidad sin especificar en el componente Networking en Oracle Java SE y Java for Business 6 Update 21, v5.0 Update 25 y 1.4.2_27, permite a atacantes remotos comprometer la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. Multiple vulnerabilities have been found in t... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 •
CVSS: 9.8EPSS: 2%CPEs: 93EXPL: 0CVE-2010-3561 – OpenJDK corba reflection vulnerabilities (6891766,6925672)
https://notcve.org/view.php?id=CVE-2010-3561
19 Oct 2010 — Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this involves the use of the privileged accept method in the ServerSocket class, which does not limit which hosts can connect and allows remote atta... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 •
CVSS: 10.0EPSS: 1%CPEs: 41EXPL: 0CVE-2010-3558 – JDK unspecified vulnerability in Java Web Start component
https://notcve.org/view.php?id=CVE-2010-3558
19 Oct 2010 — Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Java Web Start de Oracle Java SE y Java for Business v6 Update 21 permite a atacantes remotos comprometer la confidencialidad, integridad y disponibilidad mediante vectores desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 •
CVSS: 10.0EPSS: 30%CPEs: 257EXPL: 0CVE-2010-3562 – OpenJDK IndexColorModel double-free (6925710)
https://notcve.org/view.php?id=CVE-2010-3562
19 Oct 2010 — Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a double free vulnerability in IndexColorModel that allows remote attackers to cause a denial of service (crash) and possi... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 •
CVSS: 9.8EPSS: 1%CPEs: 41EXPL: 0CVE-2010-3570 – JDK unspecified vulnerability in Deployment Toolkit
https://notcve.org/view.php?id=CVE-2010-3570
19 Oct 2010 — Unspecified vulnerability in the Deployment Toolkit component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Deployment Toolkit de Oracle Java SE y Java for Business v6 Update 21 permite a atacantes remotos comprometer la confidencialidad, integridad y disponibilidad mediante vectores desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 •
CVSS: 9.8EPSS: 21%CPEs: 93EXPL: 1CVE-2010-3573 – Oracle JRE - java.net.URLConnection class Same-of-Origin 'SOP' Policy Bypass
https://notcve.org/view.php?id=CVE-2010-3573
19 Oct 2010 — Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to missing validation of request headers in the HttpURLConnection class when they are set by applets, which allows remote attac... • https://www.exploit-db.com/exploits/15288 •
CVSS: 9.8EPSS: 2%CPEs: 257EXPL: 0CVE-2010-3549 – OpenJDK HttpURLConnection request splitting (6952017)
https://notcve.org/view.php?id=CVE-2010-3549
19 Oct 2010 — Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is an HTTP request splitting vulnerability involving the handling of the chunked transfer encoding method by the Http... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 •
CVSS: 9.8EPSS: 2%CPEs: 257EXPL: 0CVE-2010-3541 – OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004)
https://notcve.org/view.php?id=CVE-2010-3541
19 Oct 2010 — Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to missing validation of request headers in the HttpURLConnection class when they are set by applets, whic... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 •
CVSS: 10.0EPSS: 2%CPEs: 257EXPL: 0CVE-2010-3554 – OpenJDK corba reflection vulnerabilities (6891766,6925672)
https://notcve.org/view.php?id=CVE-2010-3554
19 Oct 2010 — Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to "permissions granted to certain system objects." Vulnerabilidad no especificada en el componente CORBA en Or... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 •