CVSS: 10.0EPSS: 2%CPEs: 149EXPL: 0CVE-2010-3568 – OpenJDK Deserialization Race condition (6559775)
https://notcve.org/view.php?id=CVE-2010-3568
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a race condition related to deserialization. Vulnerabilidad no especificada en el componente Java Runtime Environment de Oracle Java SE y Java for Business v6 Update 21, v5.0 Update 25, y v1.4.2_27 permite a atacantes remotos comprometer la confidencialidad, integridad y disponibilidad mediante vectores desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html http://marc.info/? •
CVSS: 10.0EPSS: 2%CPEs: 257EXPL: 0CVE-2010-3554 – OpenJDK corba reflection vulnerabilities (6891766,6925672)
https://notcve.org/view.php?id=CVE-2010-3554
Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to "permissions granted to certain system objects." Vulnerabilidad no especificada en el componente CORBA en Oracle Java SE y Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27 y 1.3.1_28 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. NOTA: la información previa fue obtenida de la CPU Octubre 2010. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://secunia.com/advisories/41972 http: •
CVSS: 10.0EPSS: 2%CPEs: 257EXPL: 0CVE-2010-3572 – JDK unspecified vulnerability in Sound component
https://notcve.org/view.php?id=CVE-2010-3572
Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Sound de Oracle Jave SE y Java para Business v6 Update 21, v5.0 Update 25, v1.4.2_27, y v.1.3.1_28 permite a atacantes remotos comprometer la confidencialidad, integridad, y disponibilidad a través de vectores desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://secunia.com/advisories/41967 http://secunia.com/advisories/42974 http://secunia.com/advisories/44954 http://support.avaya.com/css/P8/documents/100114315 http://support.avaya.com/css/P8&# •
CVSS: 10.0EPSS: 2%CPEs: 93EXPL: 0CVE-2010-3567 – OpenJDK ICU Opentype layout engine crash (6963285)
https://notcve.org/view.php?id=CVE-2010-3567
Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to a calculation error in right-to-left text character counts for the ICU OpenType font rendering implementation, which triggers an out-of-bounds memory access. Vulnerabilidad no especificada en el componente 2D en Oracle Java SE y Java for Business 6 Update 21 y 5.0 Update 25 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. NOTA: la información previa fue obtenida de la CPU Octubre 2010. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://secunia.com/advisories/41972 http: •
CVSS: 10.0EPSS: 2%CPEs: 41EXPL: 0CVE-2010-3558 – JDK unspecified vulnerability in Java Web Start component
https://notcve.org/view.php?id=CVE-2010-3558
Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Java Web Start de Oracle Java SE y Java for Business v6 Update 21 permite a atacantes remotos comprometer la confidencialidad, integridad y disponibilidad mediante vectores desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://secunia.com/advisories/44954 http://support.avaya.com/css/P8/documents/100114315 http://support.avaya.com/css/P8/documents/100123193 http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html http://www.redhat.com/support/errata/RHSA-2010-0770.htm •