CVE-2010-0841

Sun Java Runtime Environment JPEGImageReader stepX Remote Code Execution Vulnerability

Severity Score

7.5

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the Java Runtime Environment that allows remote attackers to execute arbitrary code via a JPEG image that contains subsample dimensions with large values, related to JPEGImageReader and "stepX".

Vulnerabilidad no especificada en el componente ImageIO en Oracle Java SE y Java para Business 6 Update 18, 5.0 Update 23 y 1.4.2_25 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. NOTA: la información previa fue obtenida de la CPU Marzo 2010. Oracle no ha comentado sobre alegaciones de un investigador confiable de que esto es un desbordamiento de entero en Java Runtime Environment que permite a atacantes remotos ejecutar código arbitrario a través de una imagen JPEG que contiene dimensiones de la submuestra con valores grandes, relacionado con JPEGImageReader y "stepX".

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
The specific flaw exists in the processing of JPEG image dimensions. When specifying large values to the dimensions of a subsample an integer overflow occurs leading to memory corruption. Successful exploitation of this vulnerability can lead to a compromise under the credentials of the currently logged in user.

*Credits: regenrecht

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2010-03-03 CVE Reserved
2010-04-01 CVE Published
2024-08-07 CVE Updated
2024-08-18 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-190: Integer Overflow or Wraparound

CAPEC

References (35)

URL	Tag	Source
http://support.apple.com/kb/HT4170	X_refsource_confirm
http://support.apple.com/kb/HT4171	X_refsource_confirm
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html	X_refsource_confirm
http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html	X_refsource_confirm
http://www.securityfocus.com/archive/1/510531/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/516397/100/0/threaded	Mailing List
http://www.securityfocus.com/bid/39067	Vdb Entry
http://www.vmware.com/security/advisories/VMSA-2011-0003.html	X_refsource_confirm
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html	X_refsource_confirm
http://www.zerodayinitiative.com/advisories/ZDI-10-054	X_refsource_misc
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14144	Signature

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751	2018-10-30
http://lists.apple.com/archives/security-announce/2010//May/msg00001.html	2018-10-30
http://lists.apple.com/archives/security-announce/2010//May/msg00002.html	2018-10-30
http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html	2018-10-30
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html	2018-10-30
http://marc.info/?l=bugtraq&m=127557596201693&w=2	2018-10-30
http://marc.info/?l=bugtraq&m=134254866602253&w=2	2018-10-30
http://secunia.com/advisories/39317	2018-10-30
http://secunia.com/advisories/39659	2018-10-30
http://secunia.com/advisories/39819	2018-10-30
http://secunia.com/advisories/40211	2018-10-30
http://secunia.com/advisories/40545	2018-10-30
http://secunia.com/advisories/43308	2018-10-30
http://www.redhat.com/support/errata/RHSA-2010-0337.html	2018-10-30
http://www.redhat.com/support/errata/RHSA-2010-0338.html	2018-10-30
http://www.redhat.com/support/errata/RHSA-2010-0383.html	2018-10-30
http://www.redhat.com/support/errata/RHSA-2010-0471.html	2018-10-30
http://www.redhat.com/support/errata/RHSA-2010-0489.html	2018-10-30
http://www.vupen.com/english/advisories/2010/1191	2018-10-30
http://www.vupen.com/english/advisories/2010/1454	2018-10-30
http://www.vupen.com/english/advisories/2010/1523	2018-10-30
http://www.vupen.com/english/advisories/2010/1793	2018-10-30
https://access.redhat.com/security/cve/CVE-2010-0841	2010-08-02
https://bugzilla.redhat.com/show_bug.cgi?id=575854	2010-08-02

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				<= 1.6.0 Search vendor "Sun" for product "Jre" and version " <= 1.6.0"		update_18		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.6.0 Search vendor "Sun" for product "Jre" and version "1.6.0"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.6.0 Search vendor "Sun" for product "Jre" and version "1.6.0"		update_1		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.6.0 Search vendor "Sun" for product "Jre" and version "1.6.0"		update_10		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.6.0 Search vendor "Sun" for product "Jre" and version "1.6.0"		update_11		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.6.0 Search vendor "Sun" for product "Jre" and version "1.6.0"		update_12		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.6.0 Search vendor "Sun" for product "Jre" and version "1.6.0"		update_13		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.6.0 Search vendor "Sun" for product "Jre" and version "1.6.0"		update_14		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.6.0 Search vendor "Sun" for product "Jre" and version "1.6.0"		update_15		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.6.0 Search vendor "Sun" for product "Jre" and version "1.6.0"		update_16		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.6.0 Search vendor "Sun" for product "Jre" and version "1.6.0"		update_17		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.6.0 Search vendor "Sun" for product "Jre" and version "1.6.0"		update_2		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.6.0 Search vendor "Sun" for product "Jre" and version "1.6.0"		update_3		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.6.0 Search vendor "Sun" for product "Jre" and version "1.6.0"		update_4		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.6.0 Search vendor "Sun" for product "Jre" and version "1.6.0"		update_5		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.6.0 Search vendor "Sun" for product "Jre" and version "1.6.0"		update_6		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.6.0 Search vendor "Sun" for product "Jre" and version "1.6.0"		update_7		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				<= 1.6.0 Search vendor "Sun" for product "Jdk" and version " <= 1.6.0"		update_18		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.6.0 Search vendor "Sun" for product "Jdk" and version "1.6.0"		-		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.6.0 Search vendor "Sun" for product "Jdk" and version "1.6.0"		update_10		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.6.0 Search vendor "Sun" for product "Jdk" and version "1.6.0"		update_11		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.6.0 Search vendor "Sun" for product "Jdk" and version "1.6.0"		update_12		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.6.0 Search vendor "Sun" for product "Jdk" and version "1.6.0"		update_13		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.6.0 Search vendor "Sun" for product "Jdk" and version "1.6.0"		update_14		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.6.0 Search vendor "Sun" for product "Jdk" and version "1.6.0"		update_15		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.6.0 Search vendor "Sun" for product "Jdk" and version "1.6.0"		update_16		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.6.0 Search vendor "Sun" for product "Jdk" and version "1.6.0"		update_17		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.6.0 Search vendor "Sun" for product "Jdk" and version "1.6.0"		update_3		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.6.0 Search vendor "Sun" for product "Jdk" and version "1.6.0"		update_4		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.6.0 Search vendor "Sun" for product "Jdk" and version "1.6.0"		update_5		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.6.0 Search vendor "Sun" for product "Jdk" and version "1.6.0"		update_6		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.6.0 Search vendor "Sun" for product "Jdk" and version "1.6.0"		update_7		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.6.0 Search vendor "Sun" for product "Jdk" and version "1.6.0"		update1		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.6.0 Search vendor "Sun" for product "Jdk" and version "1.6.0"		update1_b06		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.6.0 Search vendor "Sun" for product "Jdk" and version "1.6.0"		update2		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				<= 1.5.0 Search vendor "Sun" for product "Jdk" and version " <= 1.5.0"		update23		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		-		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		update1		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		update10		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		update11		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		update12		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		update13		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		update14		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		update15		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		update16		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		update17		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		update18		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		update19		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		update2		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		update20		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		update21		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		update3		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		update4		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		update5		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		update6		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		update7		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		update8		Affected
Sun Search vendor "Sun"		Jdk Search vendor "Sun" for product "Jdk"				1.5.0 Search vendor "Sun" for product "Jdk" and version "1.5.0"		update9		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				<= 1.4.2_25 Search vendor "Sun" for product "Sdk" and version " <= 1.4.2_25"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2 Search vendor "Sun" for product "Sdk" and version "1.4.2"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_1 Search vendor "Sun" for product "Sdk" and version "1.4.2_1"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_02 Search vendor "Sun" for product "Sdk" and version "1.4.2_02"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_3 Search vendor "Sun" for product "Sdk" and version "1.4.2_3"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_4 Search vendor "Sun" for product "Sdk" and version "1.4.2_4"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_5 Search vendor "Sun" for product "Sdk" and version "1.4.2_5"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_6 Search vendor "Sun" for product "Sdk" and version "1.4.2_6"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_7 Search vendor "Sun" for product "Sdk" and version "1.4.2_7"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_8 Search vendor "Sun" for product "Sdk" and version "1.4.2_8"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_9 Search vendor "Sun" for product "Sdk" and version "1.4.2_9"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_10 Search vendor "Sun" for product "Sdk" and version "1.4.2_10"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_11 Search vendor "Sun" for product "Sdk" and version "1.4.2_11"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_12 Search vendor "Sun" for product "Sdk" and version "1.4.2_12"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_13 Search vendor "Sun" for product "Sdk" and version "1.4.2_13"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_14 Search vendor "Sun" for product "Sdk" and version "1.4.2_14"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_15 Search vendor "Sun" for product "Sdk" and version "1.4.2_15"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_16 Search vendor "Sun" for product "Sdk" and version "1.4.2_16"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_17 Search vendor "Sun" for product "Sdk" and version "1.4.2_17"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_18 Search vendor "Sun" for product "Sdk" and version "1.4.2_18"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_19 Search vendor "Sun" for product "Sdk" and version "1.4.2_19"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_20 Search vendor "Sun" for product "Sdk" and version "1.4.2_20"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_21 Search vendor "Sun" for product "Sdk" and version "1.4.2_21"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_22 Search vendor "Sun" for product "Sdk" and version "1.4.2_22"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_23 Search vendor "Sun" for product "Sdk" and version "1.4.2_23"		-		Affected
Sun Search vendor "Sun"		Sdk Search vendor "Sun" for product "Sdk"				1.4.2_24 Search vendor "Sun" for product "Sdk" and version "1.4.2_24"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				<= 1.5.0 Search vendor "Sun" for product "Jre" and version " <= 1.5.0"		update23		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		update1		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		update10		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		update11		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		update12		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		update13		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		update14		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		update15		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		update16		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		update17		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		update18		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		update19		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		update2		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		update20		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		update21		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		update3		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		update4		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		update5		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		update6		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		update7		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		update8		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.5.0 Search vendor "Sun" for product "Jre" and version "1.5.0"		update9		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				<= 1.4.2_25 Search vendor "Sun" for product "Jre" and version " <= 1.4.2_25"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2 Search vendor "Sun" for product "Jre" and version "1.4.2"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_1 Search vendor "Sun" for product "Jre" and version "1.4.2_1"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_2 Search vendor "Sun" for product "Jre" and version "1.4.2_2"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_3 Search vendor "Sun" for product "Jre" and version "1.4.2_3"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_4 Search vendor "Sun" for product "Jre" and version "1.4.2_4"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_5 Search vendor "Sun" for product "Jre" and version "1.4.2_5"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_6 Search vendor "Sun" for product "Jre" and version "1.4.2_6"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_7 Search vendor "Sun" for product "Jre" and version "1.4.2_7"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_8 Search vendor "Sun" for product "Jre" and version "1.4.2_8"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_9 Search vendor "Sun" for product "Jre" and version "1.4.2_9"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_10 Search vendor "Sun" for product "Jre" and version "1.4.2_10"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_11 Search vendor "Sun" for product "Jre" and version "1.4.2_11"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_12 Search vendor "Sun" for product "Jre" and version "1.4.2_12"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_13 Search vendor "Sun" for product "Jre" and version "1.4.2_13"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_14 Search vendor "Sun" for product "Jre" and version "1.4.2_14"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_15 Search vendor "Sun" for product "Jre" and version "1.4.2_15"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_16 Search vendor "Sun" for product "Jre" and version "1.4.2_16"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_17 Search vendor "Sun" for product "Jre" and version "1.4.2_17"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_18 Search vendor "Sun" for product "Jre" and version "1.4.2_18"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_19 Search vendor "Sun" for product "Jre" and version "1.4.2_19"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_20 Search vendor "Sun" for product "Jre" and version "1.4.2_20"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_21 Search vendor "Sun" for product "Jre" and version "1.4.2_21"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_22 Search vendor "Sun" for product "Jre" and version "1.4.2_22"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_23 Search vendor "Sun" for product "Jre" and version "1.4.2_23"		-		Affected
Sun Search vendor "Sun"		Jre Search vendor "Sun" for product "Jre"				1.4.2_24 Search vendor "Sun" for product "Jre" and version "1.4.2_24"		-		Affected