CVSS: 10.0EPSS: 10%CPEs: 257EXPL: 0CVE-2010-3571 – Oracle Sun Java ICC Profile Unicode Description Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-3571
12 Oct 2010 — Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the color profile parser that allows remote attackers to execute arbitrary code via a crafted Tag structur... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 •
CVSS: 9.8EPSS: 3%CPEs: 238EXPL: 0CVE-2010-0082 – OpenJDK Loader-constraint table allows arrays instead of only the base-classes (6626217)
https://notcve.org/view.php?id=CVE-2010-0082
01 Apr 2010 — Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente HotSpot Server en Oracle Java SE y Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25 y 1.3.1_27 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad mediante vectores no desconoc... • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 7.5EPSS: 1%CPEs: 133EXPL: 0CVE-2010-0084 – OpenJDK Policy/PolicyFile leak dynamic ProtectionDomains. (6633872)
https://notcve.org/view.php?id=CVE-2010-0084
01 Apr 2010 — Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0091. Vulnerabilidad no especificada en el componente Java Runtime Environment en Oracle Java SE y Java for Business 6 Update 18, 5.0 Update 23 y 1.4.2_25 permite a atacantes remotos afectar la confidencialidad a través de vectores desconocidos, una vu... • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 9.8EPSS: 3%CPEs: 238EXPL: 0CVE-2010-0085 – OpenJDK File TOCTOU deserialization vulnerability (6736390)
https://notcve.org/view.php?id=CVE-2010-0085
01 Apr 2010 — Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0088. Vulnerabilidad no especificada en el componente Java Runtime Environment en Oracle Java SE y Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25 y 1.3.1_27 permite a atacantes remotos afectar la confidenc... • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 9.8EPSS: 2%CPEs: 238EXPL: 0CVE-2010-0087 – JDK unspecified vulnerability in JWS/Plugin component
https://notcve.org/view.php?id=CVE-2010-0087
01 Apr 2010 — Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Java Web Start, Java Plug-in en Oracle Java SE y Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25 y 1.3.1_27 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad m... • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 9.8EPSS: 3%CPEs: 238EXPL: 0CVE-2010-0088 – OpenJDK Inflater/Deflater clone issues (6745393)
https://notcve.org/view.php?id=CVE-2010-0088
01 Apr 2010 — Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0085. Vulnerabilidad no especificada en el componente Java Runtime Environment en Oracle Java SE y Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25 y 1.3.1_27 permite a atacantes remotos afectar la confidenc... • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 9.8EPSS: 2%CPEs: 133EXPL: 0CVE-2010-0089 – JDK unspecified vulnerability in JavaWS/Plugin component
https://notcve.org/view.php?id=CVE-2010-0089
01 Apr 2010 — Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect availability via unknown vectors. Vulnerabilidad no especificada en el componente Java Web Start, Java Plug-in en Oracle Java SE y Java for Business 6 Update 18, 5.0 Update 23 y 1.4.2_25 permite a atacantes remotos afectar la disponibilidad mediante vectores no desconocidos. • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 7.5EPSS: 1%CPEs: 133EXPL: 0CVE-2010-0091 – OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703)
https://notcve.org/view.php?id=CVE-2010-0091
01 Apr 2010 — Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084. Vulnerabilidad no especificada en el componente Java Runtime Environment en Oracle Java SE y Java for Business 6 Update 18, 5.0 Update 23 y 1.4.2_25 permite a atacantes remotos afectar la confidencialidad a través de vectores desconocidos, una vu... • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 9.8EPSS: 3%CPEs: 133EXPL: 0CVE-2010-0093 – OpenJDK System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265)
https://notcve.org/view.php?id=CVE-2010-0093
01 Apr 2010 — Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0095. Vulnerabilidad no especificada en el componente Java Runtime Environment en Oracle Java SE y Java for Business 6 Update 18, 5.0 Update 23 y 1.4.2_25 permite a atacantes remotos afectar a la confidencialidad, integrida... • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •
CVSS: 10.0EPSS: 3%CPEs: 133EXPL: 0CVE-2010-0095 – Sun Java Runtime Environment Mutable InetAddress Socket Policy Violation Vulnerability
https://notcve.org/view.php?id=CVE-2010-0095
01 Apr 2010 — Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0093. Vulnerabilidad no especificada en el componente Java Runtime Environment en Oracle Java SE y Java for Business 6 Update 18, 5.0 Update 23 y 1.4.2_25 permite a atacantes remotos afectar a la confidencialidad, integrida... • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 •