Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2010-3553 (GCVE-0-2010-3553)
Vulnerability from cvelistv5 – Published: 2010-10-19 21:00 – Updated: 2024-08-07 03:11
VLAI?
EPSS
Summary
Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
34 references
Date Public ?
2010-10-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:11:44.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/css/P8/documents/100114327"
},
{
"name": "RHSA-2010:0865",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/css/P8/documents/100114315"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "HPSBMU02799",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "SUSE-SA:2010:061",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html"
},
{
"name": "RHSA-2010:0770",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html"
},
{
"name": "SSRT100333",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02616748"
},
{
"name": "RHSA-2010:0768",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html"
},
{
"name": "ADV-2011-0183",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0183"
},
{
"name": "FEDORA-2010-16240",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html"
},
{
"name": "USN-1010-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1010-1"
},
{
"name": "RHSA-2010:0987",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html"
},
{
"name": "RHSA-2010:0986",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0986.html"
},
{
"name": "44954",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44954"
},
{
"name": "oval:org.mitre.oval:def:11798",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11798"
},
{
"name": "44035",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44035"
},
{
"name": "RHSA-2011:0880",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html"
},
{
"name": "RHSA-2011:0169",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0169.html"
},
{
"name": "oval:org.mitre.oval:def:12545",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12545"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name": "42974",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42974"
},
{
"name": "41972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41972"
},
{
"name": "HPSBUX02608",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02616748"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/css/P8/documents/100123193"
},
{
"name": "RHSA-2010:0786",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0786.html"
},
{
"name": "43005",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43005"
},
{
"name": "SUSE-SR:2010:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
},
{
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name": "FEDORA-2010-16312",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html"
},
{
"name": "ADV-2010-2745",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2745"
},
{
"name": "FEDORA-2010-16294",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/css/P8/documents/100114327"
},
{
"name": "RHSA-2010:0865",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/css/P8/documents/100114315"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "HPSBMU02799",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "SUSE-SA:2010:061",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html"
},
{
"name": "RHSA-2010:0770",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html"
},
{
"name": "SSRT100333",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02616748"
},
{
"name": "RHSA-2010:0768",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html"
},
{
"name": "ADV-2011-0183",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0183"
},
{
"name": "FEDORA-2010-16240",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html"
},
{
"name": "USN-1010-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1010-1"
},
{
"name": "RHSA-2010:0987",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html"
},
{
"name": "RHSA-2010:0986",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0986.html"
},
{
"name": "44954",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44954"
},
{
"name": "oval:org.mitre.oval:def:11798",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11798"
},
{
"name": "44035",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44035"
},
{
"name": "RHSA-2011:0880",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html"
},
{
"name": "RHSA-2011:0169",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0169.html"
},
{
"name": "oval:org.mitre.oval:def:12545",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12545"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name": "42974",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42974"
},
{
"name": "41972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41972"
},
{
"name": "HPSBUX02608",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02616748"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/css/P8/documents/100123193"
},
{
"name": "RHSA-2010:0786",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0786.html"
},
{
"name": "43005",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43005"
},
{
"name": "SUSE-SR:2010:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
},
{
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name": "FEDORA-2010-16312",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html"
},
{
"name": "ADV-2010-2745",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2745"
},
{
"name": "FEDORA-2010-16294",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2010-3553",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.avaya.com/css/P8/documents/100114327",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100114327"
},
{
"name": "RHSA-2010:0865",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html"
},
{
"name": "http://support.avaya.com/css/P8/documents/100114315",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100114315"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "HPSBMU02799",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "SUSE-SA:2010:061",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html"
},
{
"name": "RHSA-2010:0770",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html"
},
{
"name": "SSRT100333",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02616748"
},
{
"name": "RHSA-2010:0768",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html"
},
{
"name": "ADV-2011-0183",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0183"
},
{
"name": "FEDORA-2010-16240",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html"
},
{
"name": "USN-1010-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1010-1"
},
{
"name": "RHSA-2010:0987",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html"
},
{
"name": "RHSA-2010:0986",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0986.html"
},
{
"name": "44954",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44954"
},
{
"name": "oval:org.mitre.oval:def:11798",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11798"
},
{
"name": "44035",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44035"
},
{
"name": "RHSA-2011:0880",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html"
},
{
"name": "RHSA-2011:0169",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0169.html"
},
{
"name": "oval:org.mitre.oval:def:12545",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12545"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name": "42974",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42974"
},
{
"name": "41972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41972"
},
{
"name": "HPSBUX02608",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02616748"
},
{
"name": "http://support.avaya.com/css/P8/documents/100123193",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100123193"
},
{
"name": "RHSA-2010:0786",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0786.html"
},
{
"name": "43005",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43005"
},
{
"name": "SUSE-SR:2010:019",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
},
{
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name": "FEDORA-2010-16312",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html"
},
{
"name": "ADV-2010-2745",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2745"
},
{
"name": "FEDORA-2010-16294",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2010-3553",
"datePublished": "2010-10-19T21:00:00.000Z",
"dateReserved": "2010-09-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:11:44.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2010-3553",
"date": "2026-05-19",
"epss": "0.11103",
"percentile": "0.93549"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:*:update_21:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.6.0\", \"matchCriteriaId\": \"ABFD6CCC-09CD-4A3E-9840-19BF50BE0BC1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CBCD143C-057D-4F42-B487-46801E14ACF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"09027C19-D442-446F-B7A8-21DB6787CF43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A0FEC28-0707-4F42-9740-78F3D2D551EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*\", \"matchCriteriaId\": \"C3C5879A-A608-4230-9DC1-C27F0F48A13B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*\", \"matchCriteriaId\": \"12A3B254-8580-45DB-BDE4-5B5A29CBFFB3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*\", \"matchCriteriaId\": \"1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*\", \"matchCriteriaId\": \"AADBB4F9-E43E-428B-9979-F47A15696C85\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*\", \"matchCriteriaId\": \"49260B94-05DE-4B78-9068-6F5F6BFDD19E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*\", \"matchCriteriaId\": \"C4FDE9EB-08FE-436E-A265-30E83B15DB23\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE409D5C-8F9F-4DE9-ACB7-0E0B813F6399\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*\", \"matchCriteriaId\": \"7158D2C0-E9AC-4CD6-B777-EA7B7A181997\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*\", \"matchCriteriaId\": \"B08C075B-9FC0-4381-A9E4-FFF0362BD308\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*\", \"matchCriteriaId\": \"90EC6C13-4B37-48E5-8199-A702A944D5A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*\", \"matchCriteriaId\": \"2528152C-E20A-4D97-931C-A5EC3CEAA06D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*\", \"matchCriteriaId\": \"A99DAB4C-272B-4C91-BC70-7729E1152590\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*\", \"matchCriteriaId\": \"30DFC10A-A4D9-4F89-B17C-AB9260087D29\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*\", \"matchCriteriaId\": \"272A5C44-18EC-41A9-8233-E9D4D0734EA6\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:*:update_21:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.6.0\", \"matchCriteriaId\": \"1D589153-3794-4A63-BD69-76A8DF572E55\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*\", \"matchCriteriaId\": \"722A93D8-B5BC-42F3-92A2-E424F61269A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*\", \"matchCriteriaId\": \"775F2611-F11C-4B84-8F40-0D034B81BF18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*\", \"matchCriteriaId\": \"F20FDD9F-FF45-48BC-9207-54FB02E76071\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*\", \"matchCriteriaId\": \"9FA326F5-894A-4B01-BCA3-B126DA81CA59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*\", \"matchCriteriaId\": \"228AB7B4-4BA4-43D4-B562-D438884DB152\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*\", \"matchCriteriaId\": \"AFD5C688-2103-4D60-979E-D9BE69A989C3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*\", \"matchCriteriaId\": \"21421215-F722-4207-A2E5-E2DF4B29859B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFB9EA23-0EF7-4582-A265-3F5AA9EC81B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*\", \"matchCriteriaId\": \"C367B418-659E-4627-B1F1-1B1216C99055\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD5E6D4E-DDDD-4B45-B5E9-F8A916287AF9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*\", \"matchCriteriaId\": \"7358492A-491C-491E-AEDF-63CB82619BAA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*\", \"matchCriteriaId\": \"D98175BF-B084-4FA5-899D-9E80DC3923EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*\", \"matchCriteriaId\": \"820632CE-F8DF-47EE-B716-7530E60008B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA2BD0A3-7B2D-447B-ABAC-7B867B03B632\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*\", \"matchCriteriaId\": \"D54AB785-E9B7-47BD-B756-0C3A629D67DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9412098-0353-4F7B-9245-010557E6C651\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD30DAEB-4893-41CF-A455-B69C463B9337\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*\", \"matchCriteriaId\": \"21D6CE7E-A036-496C-8E08-A87F62B5290A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:*:update25:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.5.0\", \"matchCriteriaId\": \"9385CDB4-6A83-4E49-98BE-E425C3B32135\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A02CF738-1B4F-44D0-A618-3D3E4EF1C9B8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE8E883F-E13D-4FB0-8C6F-B7628600E8D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*\", \"matchCriteriaId\": \"2AADA633-EB11-49A0-8E40-66589034F03E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*\", \"matchCriteriaId\": \"19DC29C5-1B9F-46DF-ACF6-3FF93E45777D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*\", \"matchCriteriaId\": \"B120F7D9-7C1E-4716-B2FA-2990D449F754\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD61E49F-2A46-4107-BB3F-527079983306\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*\", \"matchCriteriaId\": \"D900AAE0-6032-4096-AFC2-3D43C55C6C83\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*\", \"matchCriteriaId\": \"88B0958C-744C-4946-908C-09D2A5FAB120\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*\", \"matchCriteriaId\": \"C3E7F3CA-FFB3-42B3-A64F-0E38FAF252FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A2D8D09-3F18-4E73-81CF-BB589BB8AEC1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*\", \"matchCriteriaId\": \"3FD24779-988F-4EC1-AC19-77186B68229E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*\", \"matchCriteriaId\": \"4F1E860E-98F2-48FF-B8B3-54D4B58BF81F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*\", \"matchCriteriaId\": \"28BE548B-DD0C-4C58-98CA-5B803F04F9EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*\", \"matchCriteriaId\": \"505A8F40-7758-412F-8895-FA1B00BE6B7D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*\", \"matchCriteriaId\": \"212F4A5F-87E3-4C62-BA21-46CBBCD8D26A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C4DFCD2-00A3-4BC7-8842-836CE22C7B39\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB3A0C49-3FF9-4CB7-9E01-F771D4925103\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*\", \"matchCriteriaId\": \"F7D1BBD4-2F88-4372-B863-BB70753D841B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F8E9AA0-8907-4B1A-86A1-08568195217D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*\", \"matchCriteriaId\": \"A337AD31-4566-4A4E-AFF3-7EAECD5C90F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*\", \"matchCriteriaId\": \"0754AFDC-2F1C-4C06-AB46-457B5E610029\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*\", \"matchCriteriaId\": \"532CF9DD-0EBB-4B3B-BB9C-A8D78947A790\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC0ABF7A-107B-4B97-9BD7-7B0CEDAAF359\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5DA4242-30D9-44C8-9D0D-877348FFA22B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*\", \"matchCriteriaId\": \"C61C6043-99D0-4F36-AF84-1A5F90B895EE\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.4.2_27\", \"matchCriteriaId\": \"010B97F0-C7E3-4F20-81C9-76CADA5B03DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"002CA86D-3090-4C7A-947A-21CB5D1ADD98\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F6453C9-7EE0-4FFB-861D-C2D9416DCABA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_02:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF4E34FD-D927-42BB-8A16-031D77CB4B9E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DDE253E-C8B6-4C1D-AECE-ABEA1A67306B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A56D9A60-F272-4D4C-A9DD-C93DAF783585\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF109CAA-E8D2-4BD7-BE7C-AF8B2A78672E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"976F4ACB-3725-45B7-B2EF-DEE4B88254E9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"52BDD6A8-1611-4C3C-865D-6EDB5B9F8D88\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A1F28FF-652A-4C89-9AC6-5E212F890811\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"96A8C351-E9CD-431B-8B9D-712CA54C7213\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36888382-79C8-4C97-A654-C668CD68556F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F34C99E6-F9F0-4EF3-8601-B47EAE3D7273\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A74DD08D-CEDB-460E-BED5-78F6CAF18BF5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E60560EC-6DBD-4A17-BFFA-FAD9193A0BC7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E4F64FBC-DC97-4FE3-A235-18B87945AF7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85048406-9051-4E69-94A8-5C449F3B89E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1C88DD7-0B46-4405-BD35-60D27E2DBA14\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"08D23B7C-7B8C-41B8-8D94-BB0F27C7F0A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C49B997-95D3-4DA4-A353-DB41AD461C5E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F70EF76-ED5F-4835-8252-FE613604FA3B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6BDBCAD8-CDF7-4550-8EA2-1409B02FFAD6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E691333-0434-4808-9ED4-E82C6EC2FD37\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BBE7A538-FF2E-4622-8479-781AB73CBA45\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD491CD3-5763-4698-8893-2D5F5609BD89\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ADF4E465-6B0B-4295-81F7-D09ADB81394C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_25:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E79C04F7-E3A1-4DF5-94E9-E96A6FC61FC9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.4.2_26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5743F0FD-486D-4787-B53E-CCD220BBCDF1\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:*:update25:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.5.0\", \"matchCriteriaId\": \"808C26BB-FA23-4A09-AEC1-9DB4E8199E48\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"133A7B66-E0B3-4867-A5A4-3C54D6C0C8ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7FC09E8-7F30-4FE4-912E-588AA250E2A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*\", \"matchCriteriaId\": \"A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*\", \"matchCriteriaId\": \"9919D091-73D7-465A-80FF-F37D6CAF9F46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*\", \"matchCriteriaId\": \"02565D6F-4CB2-4671-A4EF-3169BCFA6154\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*\", \"matchCriteriaId\": \"452A3E51-9EAC-451D-BA04-A1E7B7D917EB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*\", \"matchCriteriaId\": \"3E8C6AAC-C90B-4220-A69B-2A886A35CF5D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*\", \"matchCriteriaId\": \"55231B6B-9298-4363-9B5A-14C2DA7B1F50\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*\", \"matchCriteriaId\": \"E42CF0F7-418C-4BB6-9B73-FA3B9171D092\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5467E9D-07D8-4BEB-84D5-A3136C133519\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*\", \"matchCriteriaId\": \"B83B2CE1-45D7-47AD-BC0A-6EC74D5F8F5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A32F326-EA92-43CD-930E-E527B60CDD3B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*\", \"matchCriteriaId\": \"7EA5B9E9-654D-44F7-AE98-3D8B382804AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*\", \"matchCriteriaId\": \"04344167-530E-4A4D-90EF-74C684943DF1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0E0373B-201D-408F-9234-A7EFE8B4970D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*\", \"matchCriteriaId\": \"15EAD76D-D5D0-4984-9D07-C1451D791083\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE949EBF-2BC0-4355-8B28-B494023D45FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E0A0A2D-62B9-4A00-84EF-90C15E47A632\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*\", \"matchCriteriaId\": \"44051CFE-D15D-4416-A123-F3E49C67A9E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*\", \"matchCriteriaId\": \"F296ACF3-1373-429D-B991-8B5BA704A7EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*\", \"matchCriteriaId\": \"B863420B-DE16-416A-9640-1A1340A9B855\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*\", \"matchCriteriaId\": \"724C972F-74FE-4044-BBC4-7E0E61FC9002\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*\", \"matchCriteriaId\": \"46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*\", \"matchCriteriaId\": \"EBE909DE-E55A-4BD3-A5BF-ADE407432193\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DAC04D2-68FD-4793-A8E7-4690A543D7D4\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.4.2_27\", \"matchCriteriaId\": \"1B8E3C70-5242-43DF-B04A-311C1C0D9EB9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63978872-E797-4F13-B0F9-98CB67D0962A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1EEAB662-644A-4D7B-8237-64142CF48724\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9598A49-95F2-42DB-B92C-CD026F739B83\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BED1009E-AE60-43A0-A0F5-38526EFCF423\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D011585C-0E62-4233-85FA-F29A07D68DA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F226D898-F0E8-41D8-BF40-54DE9FB5426D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CB9CCD1-A67D-4800-9EC5-6E1A0B0B76E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE28C283-447A-4F83-B96B-69F96E663C1C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D102063B-2434-4141-98E7-2DE501AE1728\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"03B8CD03-CD31-4F4D-BA90-59435578A4F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"41A994BF-1F64-480A-8AA5-748DDD0AB68C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88519F2D-AD06-4F05-BEDA-A09216F1B481\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC728978-368D-4B36-B149-70473E92BD1B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD5187B1-CB86-48E8-A595-9FCFD9822C0C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6C660DE4-543A-4E9B-825D-CD099D08CBD8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98C1942E-16C0-4EB2-AB57-43EC6EC9C3A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"318719C9-7B01-4021-B2EF-8341254DFE6A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB8FA9BA-51CA-4473-9FE1-9A32FB8C8041\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC5E64B6-77DA-44BC-B646-AE01041B1830\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DA35E80-9E0E-4A26-B631-A61542BE4739\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7EEB5367-1BB8-4ED3-8C04-ABA6BAA5AD10\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BED9E7C8-0418-4733-A496-61CCFD638859\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6566CE32-E042-424A-893B-C8A9E26E2869\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B760192E-7193-4FEF-8FFA-680AC89D45A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C020210-8EBA-41D2-BE4A-962CD902857C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_25:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"076444F1-543E-4061-9D39-415A1A889F5E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.4.2_26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B29C4AA1-30F8-4AA3-A8B5-4125CF9B66F0\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.3.1_28\", \"matchCriteriaId\": \"2221585A-D55B-4127-BA51-9AEA93DA9809\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1AA4DE59-4CF5-49F4-8625-0F3DA2DB7020\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.0_01:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4BC733B9-1694-44E3-BF58-34BABBA4E08B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.0_02:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"991AEC76-0494-4085-9427-52D8BDD75753\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.0_03:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12763342-3D3A-4744-941D-4DFD33F79515\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.0_04:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3E28D80-D908-4F17-BF3D-62C970A4D54B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.0_05:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0D8BC0C-13B8-472D-A077-F2039A637326\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"15AAA894-90A8-4B08-A392-5CB36ABE6F54\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_01:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C09F9315-CE9E-4F20-9E8A-597896057A1B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_01a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88DB55B2-7D7F-4EB8-8E29-7D15F735A286\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_02:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"38CDFAD5-389F-4F08-AF24-5D8782E86225\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_03:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE962961-9E1D-4164-A11A-0CA6DC4FFBAA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_04:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E8244F8-C212-420B-BB12-F58B84B64335\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_05:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E7BB67D-0D40-4C92-8005-C1F876629304\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_06:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"926B3423-5AB8-4A7C-A83E-5C363A783AF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_07:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F623253-2FF5-4398-AF23-A56F06008301\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_08:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4EE7212-2AF1-4D10-826B-3B6EDDDA6DDE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_09:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B5A02FE-614B-4B8C-AB9A-57F5C32B36A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E781B3C-EA57-4CA6-9F03-117C52552AEF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1227F19E-5A69-422F-A2E1-5280B1836C94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"18FE8DE3-A93A-4884-9131-84715C776545\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA3D41B2-05C4-4EB5-9124-FFC887A010F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"95E09BF6-A2E4-49F3-9E8C-3C7EB5FE782B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB23A52B-0F6E-4570-9B72-0D07CF26D536\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0E1566F-1257-428F-8DA9-29DB0DF5D647\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A84080AF-E076-40FD-BDEB-727AAE986AA0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6FD02135-C3C2-4FCC-A85C-353CD321B97A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10ACCA84-F469-401B-A68F-0281E5C2D46E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"03B1DA4B-CE36-4828-B10F-8A854CCB368E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"55B201EA-49A8-407A-9893-B3988C936D13\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD65ECF9-5495-4F69-B566-C1657473F08B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"671EF738-7846-40A0-B070-649F637782F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7714D90D-1BF0-4388-B086-17C6D1BC9D66\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_25:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D54C9BE0-9009-41F6-B07F-855358EE5141\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C144EF3-5228-4338-921E-547902CC6F1B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:1.3.1_27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4F9F5541-983B-42E3-AA7A-988028303B0C\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.3.1_28\", \"matchCriteriaId\": \"FAEC2A8A-EC23-4D62-88CA-D7BA1DB2D8BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AAB87D43-2860-43DD-94EE-886D7D75A351\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.0:update1:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F30BCF2-E6A3-49E9-98BC-7948244C8FF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.0:update2:*:*:*:*:*:*\", \"matchCriteriaId\": \"8966374E-426B-42A7-9D62-9A9A14032390\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.0:update3:*:*:*:*:*:*\", \"matchCriteriaId\": \"634F8387-DFBE-4B78-9063-65737160F13A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.0:update4:*:*:*:*:*:*\", \"matchCriteriaId\": \"923FA413-0F4E-4373-83F9-80DC9CA57D15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.0:update5:*:*:*:*:*:*\", \"matchCriteriaId\": \"A06743B3-2637-47C2-BD1A-28D9F584ED75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"399B06AC-E101-48EE-A362-D75F7072FF5E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1:update1:*:*:*:*:*:*\", \"matchCriteriaId\": \"F7F1CF2B-F0B6-45DD-88E1-C0BDF2B973BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1:update2:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B374EB2-85DC-4539-9050-F1E99BA7B2F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0875E34D-8544-49B9-BAD9-8191CC103A07\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_03:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62E772B9-8E41-476F-81F5-87B41F1827A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_04:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7CE78463-2CE8-43C6-BB06-AA40C72B1A4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_05:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31A04480-92DF-49AD-9B36-7F1FCB29DE90\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_06:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2FD0B72-683D-4FF6-BCF5-5DE85BF3064B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_07:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F78CD4B5-4B1D-4128-8AEA-2F967C38C6C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_08:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62CAA3E7-9D65-48F3-ACF7-9D705D94DE54\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_09:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"477C310B-50AD-4D40-8EDB-4A80F0BF321D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"60A1F526-6B28-47A3-8D2C-06CA067E9164\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"17F09D9E-B04B-477E-86E6-E1B1F9650973\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F929C59-9602-4962-95B4-4165D66E5935\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E8B76949-9282-44D0-8075-74E482CE9A82\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9B072DD-FC4F-4E07-9837-0E16017CA4AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"969BE4EC-4D13-4B74-8137-FA0F83F0FDC3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"86408019-1B53-4AA8-9F05-47EBD0466EE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81F47561-F59C-4904-8E05-D8A9629405A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB067445-8EA5-460F-B625-C21251E5A8D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4C075BC-607E-47A1-A32D-B912D2FA03BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"007175B8-48DB-46BE-B971-FB57B6A33723\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5E6F92A-FC59-4CE7-B7F8-94CBF3DC8F21\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"496901D5-014D-4920-A343-91A56F6FEFA0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2D18FBC-4C9B-4722-90AB-028D281654F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"853BC114-592C-43FE-B227-EF41C494DC98\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_25:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1F4E031-CE92-48C4-BECC-7C1190DB477A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE89CF12-7E4D-4EF3-8831-9FBC9211C18C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:1.3.1_27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D671CFAE-B8C5-449E-9F08-189657A18B26\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.3.1_28\", \"matchCriteriaId\": \"349CD499-5252-413A-868E-BE26BE8411AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6718104E-82B3-4160-9968-4980C309EC8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.0_01:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A1406B61-0BC7-4547-8D0F-562DEE3E55A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.0_02:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE423757-A0B5-43CF-A134-80F951DD9ECE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.0_03:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88A29EE6-22D9-47FE-9C95-CBA57FF90E0B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.0_04:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5FAEFB1C-FBAB-4D3A-A020-F217177D305B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.0_05:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"807D8661-DA23-4CBB-A001-F6D93E155604\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"167D85F7-0D94-49CC-8A5E-F5FAB00ADFBC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_01:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"34710306-D6CF-4D07-84BF-71A8839BE416\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_01a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44B93DC8-6375-4B41-B9BC-F22F592C56B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_02:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"87BF46A9-8E4A-4583-B35F-052FD481DF66\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_03:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"32B351BB-6CA6-4CEF-9F5D-ED47774FC676\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_04:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CDA40FCD-1D34-4C47-908F-697433236153\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_05:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"00639A84-BD03-4BD9-A655-F806693DBC8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_06:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"14824B23-FF9F-4D6D-9D02-12B79BE346A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_07:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6493744C-A69D-4377-937E-85E7F5535EA9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_08:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C09019B1-B873-41CE-951E-4777F324729C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_09:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC4209A0-E73F-4B5A-9925-B5D20F879455\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"297DF5AD-FC22-432B-AE6A-2B1E6CFE1BE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFB8516D-03C4-478D-AFE2-824867FDC739\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F82AED17-FEC3-47D0-A395-26ACD07FBE52\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9630BC7B-9039-4FA6-86F8-5274783F3EB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1A6A15C-216A-42B1-84EF-B3D9A313D4A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC39C819-9439-4029-8377-F6D58B3DFDFB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A053DEF6-1317-4DA8-91D7-E1970DA62351\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0DBFDD8-40AE-44F2-8F02-FB7A4FAE5235\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB0605FF-3DDC-4F3A-8171-F3A447E9C292\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"801FF3B4-0729-4710-BFC2-4B078029944F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8EB8591E-3D6E-489B-B0D6-CEBB9D09EA68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A411676-6666-4B54-A008-443B9B42F670\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0AEDC9B2-8AA6-4DA2-A187-49A1DD106725\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F69BEE4-CB4B-436A-9838-13239B368CF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11AC1050-38AF-49F4-A40C-AAF9710204AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_25:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FA939E8-8747-4532-B6B4-6E83824C7067\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8714FA4A-6D0B-4D13-93EE-8A7674DF2736\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:sdk:1.3.1_27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA78C21D-2669-4107-A07B-0AA2C7B1EC16\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad no especificada en el componente Swing de Oracle Java SE y Java for Business v6 Update 21, v5.0 Update 25, v1.4.2_27 y v1.3.1_28 permite a atacantes remotos comprometer la confidencialidad, integridad y disponibilidad mediante vectores desconocidos.\"}]",
"evaluatorComment": "Per: http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html\r\n\r\n\u0027May be vulnerable only through untrusted Java Web Start applications and Java applets.\u0027",
"id": "CVE-2010-3553",
"lastModified": "2024-11-21T01:19:04.680",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2010-10-19T22:00:02.923",
"references": "[{\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02616748\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02616748\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://secunia.com/advisories/41972\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://secunia.com/advisories/42974\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://secunia.com/advisories/43005\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://secunia.com/advisories/44954\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://security.gentoo.org/glsa/glsa-201406-32.xml\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://support.avaya.com/css/P8/documents/100114315\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://support.avaya.com/css/P8/documents/100114327\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://support.avaya.com/css/P8/documents/100123193\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0768.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0770.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0786.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0865.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0986.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0987.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2011-0169.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2011-0880.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/516397/100/0/threaded\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.securityfocus.com/bid/44035\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-1010-1\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2011-0003.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/2745\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0183\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11798\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12545\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02616748\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02616748\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/41972\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/42974\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/43005\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/44954\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://security.gentoo.org/glsa/glsa-201406-32.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.avaya.com/css/P8/documents/100114315\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.avaya.com/css/P8/documents/100114327\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.avaya.com/css/P8/documents/100123193\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0768.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0770.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0786.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0865.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0986.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0987.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2011-0169.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2011-0880.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/516397/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/44035\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-1010-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2011-0003.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/2745\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0183\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11798\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12545\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2010-3553\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2010-10-19T22:00:02.923\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en el componente Swing de Oracle Java SE y Java for Business v6 Update 21, v5.0 Update 25, v1.4.2_27 y v1.3.1_28 permite a atacantes remotos comprometer la confidencialidad, integridad y disponibilidad mediante vectores desconocidos.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:*:update_21:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.6.0\",\"matchCriteriaId\":\"ABFD6CCC-09CD-4A3E-9840-19BF50BE0BC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBCD143C-057D-4F42-B487-46801E14ACF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"09027C19-D442-446F-B7A8-21DB6787CF43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A0FEC28-0707-4F42-9740-78F3D2D551EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3C5879A-A608-4230-9DC1-C27F0F48A13B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*\",\"matchCriteriaId\":\"12A3B254-8580-45DB-BDE4-5B5A29CBFFB3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*\",\"matchCriteriaId\":\"AADBB4F9-E43E-428B-9979-F47A15696C85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*\",\"matchCriteriaId\":\"49260B94-05DE-4B78-9068-6F5F6BFDD19E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4FDE9EB-08FE-436E-A265-30E83B15DB23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE409D5C-8F9F-4DE9-ACB7-0E0B813F6399\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7158D2C0-E9AC-4CD6-B777-EA7B7A181997\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*\",\"matchCriteriaId\":\"B08C075B-9FC0-4381-A9E4-FFF0362BD308\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"90EC6C13-4B37-48E5-8199-A702A944D5A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"2528152C-E20A-4D97-931C-A5EC3CEAA06D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"A99DAB4C-272B-4C91-BC70-7729E1152590\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*\",\"matchCriteriaId\":\"30DFC10A-A4D9-4F89-B17C-AB9260087D29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*\",\"matchCriteriaId\":\"272A5C44-18EC-41A9-8233-E9D4D0734EA6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:*:update_21:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.6.0\",\"matchCriteriaId\":\"1D589153-3794-4A63-BD69-76A8DF572E55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*\",\"matchCriteriaId\":\"722A93D8-B5BC-42F3-92A2-E424F61269A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*\",\"matchCriteriaId\":\"775F2611-F11C-4B84-8F40-0D034B81BF18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*\",\"matchCriteriaId\":\"F20FDD9F-FF45-48BC-9207-54FB02E76071\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FA326F5-894A-4B01-BCA3-B126DA81CA59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*\",\"matchCriteriaId\":\"228AB7B4-4BA4-43D4-B562-D438884DB152\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFD5C688-2103-4D60-979E-D9BE69A989C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*\",\"matchCriteriaId\":\"21421215-F722-4207-A2E5-E2DF4B29859B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFB9EA23-0EF7-4582-A265-3F5AA9EC81B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*\",\"matchCriteriaId\":\"C367B418-659E-4627-B1F1-1B1216C99055\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD5E6D4E-DDDD-4B45-B5E9-F8A916287AF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*\",\"matchCriteriaId\":\"7358492A-491C-491E-AEDF-63CB82619BAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"D98175BF-B084-4FA5-899D-9E80DC3923EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"820632CE-F8DF-47EE-B716-7530E60008B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA2BD0A3-7B2D-447B-ABAC-7B867B03B632\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*\",\"matchCriteriaId\":\"D54AB785-E9B7-47BD-B756-0C3A629D67DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9412098-0353-4F7B-9245-010557E6C651\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD30DAEB-4893-41CF-A455-B69C463B9337\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*\",\"matchCriteriaId\":\"21D6CE7E-A036-496C-8E08-A87F62B5290A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:*:update25:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.5.0\",\"matchCriteriaId\":\"9385CDB4-6A83-4E49-98BE-E425C3B32135\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A02CF738-1B4F-44D0-A618-3D3E4EF1C9B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE8E883F-E13D-4FB0-8C6F-B7628600E8D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AADA633-EB11-49A0-8E40-66589034F03E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*\",\"matchCriteriaId\":\"19DC29C5-1B9F-46DF-ACF6-3FF93E45777D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*\",\"matchCriteriaId\":\"B120F7D9-7C1E-4716-B2FA-2990D449F754\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD61E49F-2A46-4107-BB3F-527079983306\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*\",\"matchCriteriaId\":\"D900AAE0-6032-4096-AFC2-3D43C55C6C83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*\",\"matchCriteriaId\":\"88B0958C-744C-4946-908C-09D2A5FAB120\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3E7F3CA-FFB3-42B3-A64F-0E38FAF252FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A2D8D09-3F18-4E73-81CF-BB589BB8AEC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FD24779-988F-4EC1-AC19-77186B68229E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F1E860E-98F2-48FF-B8B3-54D4B58BF81F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"28BE548B-DD0C-4C58-98CA-5B803F04F9EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*\",\"matchCriteriaId\":\"505A8F40-7758-412F-8895-FA1B00BE6B7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*\",\"matchCriteriaId\":\"212F4A5F-87E3-4C62-BA21-46CBBCD8D26A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C4DFCD2-00A3-4BC7-8842-836CE22C7B39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB3A0C49-3FF9-4CB7-9E01-F771D4925103\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7D1BBD4-2F88-4372-B863-BB70753D841B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F8E9AA0-8907-4B1A-86A1-08568195217D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A337AD31-4566-4A4E-AFF3-7EAECD5C90F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*\",\"matchCriteriaId\":\"0754AFDC-2F1C-4C06-AB46-457B5E610029\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*\",\"matchCriteriaId\":\"532CF9DD-0EBB-4B3B-BB9C-A8D78947A790\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC0ABF7A-107B-4B97-9BD7-7B0CEDAAF359\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5DA4242-30D9-44C8-9D0D-877348FFA22B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*\",\"matchCriteriaId\":\"C61C6043-99D0-4F36-AF84-1A5F90B895EE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.4.2_27\",\"matchCriteriaId\":\"010B97F0-C7E3-4F20-81C9-76CADA5B03DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"002CA86D-3090-4C7A-947A-21CB5D1ADD98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F6453C9-7EE0-4FFB-861D-C2D9416DCABA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF4E34FD-D927-42BB-8A16-031D77CB4B9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DDE253E-C8B6-4C1D-AECE-ABEA1A67306B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A56D9A60-F272-4D4C-A9DD-C93DAF783585\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF109CAA-E8D2-4BD7-BE7C-AF8B2A78672E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"976F4ACB-3725-45B7-B2EF-DEE4B88254E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52BDD6A8-1611-4C3C-865D-6EDB5B9F8D88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A1F28FF-652A-4C89-9AC6-5E212F890811\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96A8C351-E9CD-431B-8B9D-712CA54C7213\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36888382-79C8-4C97-A654-C668CD68556F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F34C99E6-F9F0-4EF3-8601-B47EAE3D7273\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A74DD08D-CEDB-460E-BED5-78F6CAF18BF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E60560EC-6DBD-4A17-BFFA-FAD9193A0BC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4F64FBC-DC97-4FE3-A235-18B87945AF7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85048406-9051-4E69-94A8-5C449F3B89E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1C88DD7-0B46-4405-BD35-60D27E2DBA14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08D23B7C-7B8C-41B8-8D94-BB0F27C7F0A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C49B997-95D3-4DA4-A353-DB41AD461C5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F70EF76-ED5F-4835-8252-FE613604FA3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BDBCAD8-CDF7-4550-8EA2-1409B02FFAD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E691333-0434-4808-9ED4-E82C6EC2FD37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBE7A538-FF2E-4622-8479-781AB73CBA45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD491CD3-5763-4698-8893-2D5F5609BD89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADF4E465-6B0B-4295-81F7-D09ADB81394C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E79C04F7-E3A1-4DF5-94E9-E96A6FC61FC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.4.2_26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5743F0FD-486D-4787-B53E-CCD220BBCDF1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:*:update25:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.5.0\",\"matchCriteriaId\":\"808C26BB-FA23-4A09-AEC1-9DB4E8199E48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"133A7B66-E0B3-4867-A5A4-3C54D6C0C8ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7FC09E8-7F30-4FE4-912E-588AA250E2A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*\",\"matchCriteriaId\":\"A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*\",\"matchCriteriaId\":\"9919D091-73D7-465A-80FF-F37D6CAF9F46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*\",\"matchCriteriaId\":\"02565D6F-4CB2-4671-A4EF-3169BCFA6154\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*\",\"matchCriteriaId\":\"452A3E51-9EAC-451D-BA04-A1E7B7D917EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E8C6AAC-C90B-4220-A69B-2A886A35CF5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*\",\"matchCriteriaId\":\"55231B6B-9298-4363-9B5A-14C2DA7B1F50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*\",\"matchCriteriaId\":\"E42CF0F7-418C-4BB6-9B73-FA3B9171D092\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5467E9D-07D8-4BEB-84D5-A3136C133519\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*\",\"matchCriteriaId\":\"B83B2CE1-45D7-47AD-BC0A-6EC74D5F8F5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A32F326-EA92-43CD-930E-E527B60CDD3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EA5B9E9-654D-44F7-AE98-3D8B382804AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*\",\"matchCriteriaId\":\"04344167-530E-4A4D-90EF-74C684943DF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0E0373B-201D-408F-9234-A7EFE8B4970D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*\",\"matchCriteriaId\":\"15EAD76D-D5D0-4984-9D07-C1451D791083\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE949EBF-2BC0-4355-8B28-B494023D45FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E0A0A2D-62B9-4A00-84EF-90C15E47A632\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*\",\"matchCriteriaId\":\"44051CFE-D15D-4416-A123-F3E49C67A9E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*\",\"matchCriteriaId\":\"F296ACF3-1373-429D-B991-8B5BA704A7EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*\",\"matchCriteriaId\":\"B863420B-DE16-416A-9640-1A1340A9B855\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*\",\"matchCriteriaId\":\"724C972F-74FE-4044-BBC4-7E0E61FC9002\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*\",\"matchCriteriaId\":\"46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBE909DE-E55A-4BD3-A5BF-ADE407432193\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DAC04D2-68FD-4793-A8E7-4690A543D7D4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.4.2_27\",\"matchCriteriaId\":\"1B8E3C70-5242-43DF-B04A-311C1C0D9EB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63978872-E797-4F13-B0F9-98CB67D0962A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EEAB662-644A-4D7B-8237-64142CF48724\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9598A49-95F2-42DB-B92C-CD026F739B83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BED1009E-AE60-43A0-A0F5-38526EFCF423\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D011585C-0E62-4233-85FA-F29A07D68DA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F226D898-F0E8-41D8-BF40-54DE9FB5426D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CB9CCD1-A67D-4800-9EC5-6E1A0B0B76E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE28C283-447A-4F83-B96B-69F96E663C1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D102063B-2434-4141-98E7-2DE501AE1728\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03B8CD03-CD31-4F4D-BA90-59435578A4F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41A994BF-1F64-480A-8AA5-748DDD0AB68C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88519F2D-AD06-4F05-BEDA-A09216F1B481\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC728978-368D-4B36-B149-70473E92BD1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD5187B1-CB86-48E8-A595-9FCFD9822C0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C660DE4-543A-4E9B-825D-CD099D08CBD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98C1942E-16C0-4EB2-AB57-43EC6EC9C3A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"318719C9-7B01-4021-B2EF-8341254DFE6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB8FA9BA-51CA-4473-9FE1-9A32FB8C8041\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC5E64B6-77DA-44BC-B646-AE01041B1830\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DA35E80-9E0E-4A26-B631-A61542BE4739\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EEB5367-1BB8-4ED3-8C04-ABA6BAA5AD10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BED9E7C8-0418-4733-A496-61CCFD638859\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6566CE32-E042-424A-893B-C8A9E26E2869\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B760192E-7193-4FEF-8FFA-680AC89D45A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C020210-8EBA-41D2-BE4A-962CD902857C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"076444F1-543E-4061-9D39-415A1A889F5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.4.2_26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B29C4AA1-30F8-4AA3-A8B5-4125CF9B66F0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.3.1_28\",\"matchCriteriaId\":\"2221585A-D55B-4127-BA51-9AEA93DA9809\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AA4DE59-4CF5-49F4-8625-0F3DA2DB7020\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.0_01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BC733B9-1694-44E3-BF58-34BABBA4E08B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.0_02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"991AEC76-0494-4085-9427-52D8BDD75753\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.0_03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12763342-3D3A-4744-941D-4DFD33F79515\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.0_04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3E28D80-D908-4F17-BF3D-62C970A4D54B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.0_05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0D8BC0C-13B8-472D-A077-F2039A637326\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15AAA894-90A8-4B08-A392-5CB36ABE6F54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C09F9315-CE9E-4F20-9E8A-597896057A1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_01a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88DB55B2-7D7F-4EB8-8E29-7D15F735A286\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38CDFAD5-389F-4F08-AF24-5D8782E86225\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE962961-9E1D-4164-A11A-0CA6DC4FFBAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E8244F8-C212-420B-BB12-F58B84B64335\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E7BB67D-0D40-4C92-8005-C1F876629304\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_06:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"926B3423-5AB8-4A7C-A83E-5C363A783AF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_07:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F623253-2FF5-4398-AF23-A56F06008301\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_08:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4EE7212-2AF1-4D10-826B-3B6EDDDA6DDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_09:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B5A02FE-614B-4B8C-AB9A-57F5C32B36A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E781B3C-EA57-4CA6-9F03-117C52552AEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1227F19E-5A69-422F-A2E1-5280B1836C94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18FE8DE3-A93A-4884-9131-84715C776545\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA3D41B2-05C4-4EB5-9124-FFC887A010F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95E09BF6-A2E4-49F3-9E8C-3C7EB5FE782B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB23A52B-0F6E-4570-9B72-0D07CF26D536\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0E1566F-1257-428F-8DA9-29DB0DF5D647\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A84080AF-E076-40FD-BDEB-727AAE986AA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FD02135-C3C2-4FCC-A85C-353CD321B97A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10ACCA84-F469-401B-A68F-0281E5C2D46E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03B1DA4B-CE36-4828-B10F-8A854CCB368E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55B201EA-49A8-407A-9893-B3988C936D13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD65ECF9-5495-4F69-B566-C1657473F08B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"671EF738-7846-40A0-B070-649F637782F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7714D90D-1BF0-4388-B086-17C6D1BC9D66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D54C9BE0-9009-41F6-B07F-855358EE5141\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C144EF3-5228-4338-921E-547902CC6F1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.3.1_27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F9F5541-983B-42E3-AA7A-988028303B0C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.3.1_28\",\"matchCriteriaId\":\"FAEC2A8A-EC23-4D62-88CA-D7BA1DB2D8BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAB87D43-2860-43DD-94EE-886D7D75A351\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.0:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F30BCF2-E6A3-49E9-98BC-7948244C8FF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.0:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8966374E-426B-42A7-9D62-9A9A14032390\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.0:update3:*:*:*:*:*:*\",\"matchCriteriaId\":\"634F8387-DFBE-4B78-9063-65737160F13A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.0:update4:*:*:*:*:*:*\",\"matchCriteriaId\":\"923FA413-0F4E-4373-83F9-80DC9CA57D15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.0:update5:*:*:*:*:*:*\",\"matchCriteriaId\":\"A06743B3-2637-47C2-BD1A-28D9F584ED75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"399B06AC-E101-48EE-A362-D75F7072FF5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7F1CF2B-F0B6-45DD-88E1-C0BDF2B973BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B374EB2-85DC-4539-9050-F1E99BA7B2F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0875E34D-8544-49B9-BAD9-8191CC103A07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62E772B9-8E41-476F-81F5-87B41F1827A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CE78463-2CE8-43C6-BB06-AA40C72B1A4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31A04480-92DF-49AD-9B36-7F1FCB29DE90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_06:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2FD0B72-683D-4FF6-BCF5-5DE85BF3064B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_07:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F78CD4B5-4B1D-4128-8AEA-2F967C38C6C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_08:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62CAA3E7-9D65-48F3-ACF7-9D705D94DE54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_09:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"477C310B-50AD-4D40-8EDB-4A80F0BF321D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60A1F526-6B28-47A3-8D2C-06CA067E9164\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17F09D9E-B04B-477E-86E6-E1B1F9650973\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F929C59-9602-4962-95B4-4165D66E5935\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8B76949-9282-44D0-8075-74E482CE9A82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9B072DD-FC4F-4E07-9837-0E16017CA4AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"969BE4EC-4D13-4B74-8137-FA0F83F0FDC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86408019-1B53-4AA8-9F05-47EBD0466EE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F47561-F59C-4904-8E05-D8A9629405A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB067445-8EA5-460F-B625-C21251E5A8D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4C075BC-607E-47A1-A32D-B912D2FA03BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"007175B8-48DB-46BE-B971-FB57B6A33723\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5E6F92A-FC59-4CE7-B7F8-94CBF3DC8F21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"496901D5-014D-4920-A343-91A56F6FEFA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2D18FBC-4C9B-4722-90AB-028D281654F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"853BC114-592C-43FE-B227-EF41C494DC98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1F4E031-CE92-48C4-BECC-7C1190DB477A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE89CF12-7E4D-4EF3-8831-9FBC9211C18C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:1.3.1_27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D671CFAE-B8C5-449E-9F08-189657A18B26\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.3.1_28\",\"matchCriteriaId\":\"349CD499-5252-413A-868E-BE26BE8411AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6718104E-82B3-4160-9968-4980C309EC8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.0_01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1406B61-0BC7-4547-8D0F-562DEE3E55A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.0_02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE423757-A0B5-43CF-A134-80F951DD9ECE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.0_03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88A29EE6-22D9-47FE-9C95-CBA57FF90E0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.0_04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FAEFB1C-FBAB-4D3A-A020-F217177D305B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.0_05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"807D8661-DA23-4CBB-A001-F6D93E155604\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"167D85F7-0D94-49CC-8A5E-F5FAB00ADFBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34710306-D6CF-4D07-84BF-71A8839BE416\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_01a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44B93DC8-6375-4B41-B9BC-F22F592C56B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87BF46A9-8E4A-4583-B35F-052FD481DF66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32B351BB-6CA6-4CEF-9F5D-ED47774FC676\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDA40FCD-1D34-4C47-908F-697433236153\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00639A84-BD03-4BD9-A655-F806693DBC8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_06:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14824B23-FF9F-4D6D-9D02-12B79BE346A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_07:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6493744C-A69D-4377-937E-85E7F5535EA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_08:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C09019B1-B873-41CE-951E-4777F324729C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_09:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC4209A0-E73F-4B5A-9925-B5D20F879455\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"297DF5AD-FC22-432B-AE6A-2B1E6CFE1BE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFB8516D-03C4-478D-AFE2-824867FDC739\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F82AED17-FEC3-47D0-A395-26ACD07FBE52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9630BC7B-9039-4FA6-86F8-5274783F3EB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1A6A15C-216A-42B1-84EF-B3D9A313D4A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC39C819-9439-4029-8377-F6D58B3DFDFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A053DEF6-1317-4DA8-91D7-E1970DA62351\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0DBFDD8-40AE-44F2-8F02-FB7A4FAE5235\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB0605FF-3DDC-4F3A-8171-F3A447E9C292\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"801FF3B4-0729-4710-BFC2-4B078029944F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EB8591E-3D6E-489B-B0D6-CEBB9D09EA68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A411676-6666-4B54-A008-443B9B42F670\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AEDC9B2-8AA6-4DA2-A187-49A1DD106725\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F69BEE4-CB4B-436A-9838-13239B368CF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11AC1050-38AF-49F4-A40C-AAF9710204AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FA939E8-8747-4532-B6B4-6E83824C7067\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8714FA4A-6D0B-4D13-93EE-8A7674DF2736\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:sdk:1.3.1_27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA78C21D-2669-4107-A07B-0AA2C7B1EC16\"}]}]}],\"references\":[{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02616748\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://secunia.com/advisories/41972\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://secunia.com/advisories/42974\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://secunia.com/advisories/43005\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://secunia.com/advisories/44954\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-201406-32.xml\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://support.avaya.com/css/P8/documents/100114315\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://support.avaya.com/css/P8/documents/100114327\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://support.avaya.com/css/P8/documents/100123193\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0768.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0770.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0786.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0865.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0986.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0987.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-0169.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-0880.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/516397/100/0/threaded\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.securityfocus.com/bid/44035\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1010-1\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2011-0003.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/2745\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0183\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11798\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12545\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02616748\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/41972\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/42974\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/43005\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/44954\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-201406-32.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.avaya.com/css/P8/documents/100114315\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.avaya.com/css/P8/documents/100114327\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.avaya.com/css/P8/documents/100123193\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0768.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0770.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0786.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0865.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0986.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0987.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-0169.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-0880.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/516397/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/44035\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1010-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2011-0003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/2745\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0183\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11798\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12545\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorComment\":\"Per: http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html\\r\\n\\r\\n\u0027May be vulnerable only through untrusted Java Web Start applications and Java applets.\u0027\"}}"
}
}
CERTA-2010-AVI-500
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités dans Java SE et Java for Business peuvent être exploitées par un utilisateur malintentionné pour exécuter du code arbitraire à distance ou porter atteinte à la confidentialité et à l'intégrité des données.
Description
De multiples vulnérabilités ont été identifées dans Java SE et Java for Business. Elles peuvent être exploitées par un utilisateur distant malintentionné pour exécuter du code arbitraire ou porter atteinte à la confidentialité et à l'intégrité des données. Se référer à l'avis de mise à jour critique de Oracle pour une description complète des vulnérabilités corrigées.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | N/A | Java for Business, SDK 1.4.2_27 et antérieures pour Windows, Solaris et Linux. | ||
| Oracle | Java SE | Java SE, SDK version 1.4.2_27 et antérieures pour Solaris ; | ||
| Oracle | N/A | Java for Business, JDK et JRE 6 mise à jour 21 et antérieures pour Windows, Solaris et Linux ; | ||
| Oracle | N/A | Java for Business, JDK 5.0 mise à jour 25 et antérieures pour Solaris ; | ||
| Oracle | Java SE | Java SE, JDK et JRE 6 mise à jour 21 et antérieure pour Windows, Solaris et Linux ; | ||
| Oracle | Java SE | Java SE, JDK 5.0 mise à jour 25 et antérieures pour Solaris ; |
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Java for Business, SDK 1.4.2_27 et ant\u00e9rieures pour Windows, Solaris et Linux.",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Java SE, SDK version 1.4.2_27 et ant\u00e9rieures pour Solaris ;",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Java for Business, JDK et JRE 6 mise \u00e0 jour 21 et ant\u00e9rieures pour Windows, Solaris et Linux ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Java for Business, JDK 5.0 mise \u00e0 jour 25 et ant\u00e9rieures pour Solaris ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Java SE, JDK et JRE 6 mise \u00e0 jour 21 et ant\u00e9rieure pour Windows, Solaris et Linux ;",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Java SE, JDK 5.0 mise \u00e0 jour 25 et ant\u00e9rieures pour Solaris ;",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identif\u00e9es dans Java SE et Java for\nBusiness. Elles peuvent \u00eatre exploit\u00e9es par un utilisateur distant\nmalintentionn\u00e9 pour ex\u00e9cuter du code arbitraire ou porter atteinte \u00e0 la\nconfidentialit\u00e9 et \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es. Se r\u00e9f\u00e9rer \u00e0 l\u0027avis de\nmise \u00e0 jour critique de Oracle pour une description compl\u00e8te des\nvuln\u00e9rabilit\u00e9s corrig\u00e9es.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2010-1321",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1321"
},
{
"name": "CVE-2010-3552",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3552"
},
{
"name": "CVE-2010-3541",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3541"
},
{
"name": "CVE-2010-3558",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3558"
},
{
"name": "CVE-2010-3549",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3549"
},
{
"name": "CVE-2010-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3573"
},
{
"name": "CVE-2010-3572",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3572"
},
{
"name": "CVE-2010-3559",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3559"
},
{
"name": "CVE-2010-3571",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3571"
},
{
"name": "CVE-2010-3566",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3566"
},
{
"name": "CVE-2010-3560",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3560"
},
{
"name": "CVE-2010-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3570"
},
{
"name": "CVE-2010-3563",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3563"
},
{
"name": "CVE-2010-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3555"
},
{
"name": "CVE-2010-3556",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3556"
},
{
"name": "CVE-2010-3569",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3569"
},
{
"name": "CVE-2010-3562",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3562"
},
{
"name": "CVE-2010-3568",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3568"
},
{
"name": "CVE-2010-3548",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3548"
},
{
"name": "CVE-2010-3561",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3561"
},
{
"name": "CVE-2010-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3567"
},
{
"name": "CVE-2010-3550",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3550"
},
{
"name": "CVE-2010-3557",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3557"
},
{
"name": "CVE-2010-3565",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3565"
},
{
"name": "CVE-2010-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3574"
},
{
"name": "CVE-2010-3551",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3551"
},
{
"name": "CVE-2010-3554",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3554"
},
{
"name": "CVE-2010-3553",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3553"
}
],
"links": [
{
"title": "Avis de mise jour critique pour Oracle Java SE et Java for Business :",
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html"
}
],
"reference": "CERTA-2010-AVI-500",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2010-10-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s dans Java SE et Java for Business peuvent\n\u00eatre exploit\u00e9es par un utilisateur malintentionn\u00e9 pour ex\u00e9cuter du code\narbitraire \u00e0 distance ou porter atteinte \u00e0 la confidentialit\u00e9 et \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Java",
"vendor_advisories": [
{
"published_at": null,
"title": "Avis de mise \u00e0 jour critique Java SE et Java for Business d\u0027octobre 2010",
"url": null
}
]
}
CERTA-2011-AVI-609
Vulnerability from certfr_avis - Published: - Updated:
Plusieurs vulnérabilités dans les produits WMWare ont été corrigées. Elles permettent notamment à une personne malveillante d'exécuter du code arbitraire à distance.
Description
Plusieurs vulnérabilités présentes dans les produits VMWare ont été corrigées. L'exploitation de ces vulnérabilités permet à une personne distante malintentionnée de porter atteinte à la confidentialité et à l'intégrité des données, de provoquer un déni de service, de contourner la politique de sécurité ou d'exécuter du code arbitraire.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "VMWare vCenter Server 4.x ;",
"product": {
"name": "vCenter Server",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMWare VirtualCenter 2.x.",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMWare ESX Server 4.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMWare ESX Server 3.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMWare ESXi 4.x ;",
"product": {
"name": "ESXi",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMWare vCenter Update Manager 4.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans les produits VMWare ont \u00e9t\u00e9\ncorrig\u00e9es. L\u0027exploitation de ces vuln\u00e9rabilit\u00e9s permet \u00e0 une personne\ndistante malintentionn\u00e9e de porter atteinte \u00e0 la confidentialit\u00e9 et \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es, de provoquer un d\u00e9ni de service, de contourner\nla politique de s\u00e9curit\u00e9 ou d\u0027ex\u00e9cuter du code arbitraire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2010-4476",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4476"
},
{
"name": "CVE-2010-4465",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4465"
},
{
"name": "CVE-2010-4470",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4470"
},
{
"name": "CVE-2010-4473",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4473"
},
{
"name": "CVE-2011-0864",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0864"
},
{
"name": "CVE-2010-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4447"
},
{
"name": "CVE-2010-1321",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1321"
},
{
"name": "CVE-2010-4451",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4451"
},
{
"name": "CVE-2010-4452",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4452"
},
{
"name": "CVE-2010-4467",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4467"
},
{
"name": "CVE-2010-3552",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3552"
},
{
"name": "CVE-2010-3541",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3541"
},
{
"name": "CVE-2008-7270",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-7270"
},
{
"name": "CVE-2010-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4450"
},
{
"name": "CVE-2010-2054",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2054"
},
{
"name": "CVE-2010-3558",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3558"
},
{
"name": "CVE-2010-3549",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3549"
},
{
"name": "CVE-2010-4468",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4468"
},
{
"name": "CVE-2010-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3573"
},
{
"name": "CVE-2010-3572",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3572"
},
{
"name": "CVE-2010-3559",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3559"
},
{
"name": "CVE-2010-3571",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3571"
},
{
"name": "CVE-2011-0871",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0871"
},
{
"name": "CVE-2010-4422",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4422"
},
{
"name": "CVE-2010-4448",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4448"
},
{
"name": "CVE-2010-4462",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4462"
},
{
"name": "CVE-2010-3566",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3566"
},
{
"name": "CVE-2010-3560",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3560"
},
{
"name": "CVE-2010-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3570"
},
{
"name": "CVE-2010-3170",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3170"
},
{
"name": "CVE-2011-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0802"
},
{
"name": "CVE-2010-3563",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3563"
},
{
"name": "CVE-2010-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3555"
},
{
"name": "CVE-2010-3556",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3556"
},
{
"name": "CVE-2010-4471",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4471"
},
{
"name": "CVE-2010-4454",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4454"
},
{
"name": "CVE-2010-3569",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3569"
},
{
"name": "CVE-2011-0862",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0862"
},
{
"name": "CVE-2010-4180",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4180"
},
{
"name": "CVE-2010-4472",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4472"
},
{
"name": "CVE-2010-4463",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4463"
},
{
"name": "CVE-2010-3562",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3562"
},
{
"name": "CVE-2011-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0865"
},
{
"name": "CVE-2010-3568",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3568"
},
{
"name": "CVE-2010-3548",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3548"
},
{
"name": "CVE-2010-3173",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3173"
},
{
"name": "CVE-2011-0815",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0815"
},
{
"name": "CVE-2010-3561",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3561"
},
{
"name": "CVE-2010-4469",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4469"
},
{
"name": "CVE-2011-0873",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0873"
},
{
"name": "CVE-2011-0814",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0814"
},
{
"name": "CVE-2010-4475",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4475"
},
{
"name": "CVE-2010-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3567"
},
{
"name": "CVE-2010-3550",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3550"
},
{
"name": "CVE-2010-4466",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4466"
},
{
"name": "CVE-2011-0867",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0867"
},
{
"name": "CVE-2010-3557",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3557"
},
{
"name": "CVE-2010-3565",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3565"
},
{
"name": "CVE-2010-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3574"
},
{
"name": "CVE-2011-0002",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0002"
},
{
"name": "CVE-2010-4474",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4474"
},
{
"name": "CVE-2010-3551",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3551"
},
{
"name": "CVE-2010-3554",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3554"
},
{
"name": "CVE-2010-3553",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3553"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2011-0013 du 27 octobre 2011 :",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0013.html"
}
],
"reference": "CERTA-2011-AVI-609",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-10-31T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s dans les produits WMWare ont \u00e9t\u00e9 corrig\u00e9es.\nElles permettent notamment \u00e0 une personne malveillante d\u0027ex\u00e9cuter du\ncode arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMWare",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletins de s\u00e9curit\u00e9 VMWare VMSA-2011-0013 du 27 octobre 2011",
"url": null
}
]
}
CERTA-2012-AVI-395
Vulnerability from certfr_avis - Published: - Updated:
Plusieurs vulnérabilités ont été corrigées dans HP Network Node Manager i. Elles permettent à un utilisateur malintentionné de provoquer un déni de service à distance et de porter atteinte à l'intégrité et à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "HP Network Node Manager i 9.0x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "HP Network Node Manager i 9.1x.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2010-4476",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4476"
},
{
"name": "CVE-2011-3558",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3558"
},
{
"name": "CVE-2010-4465",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4465"
},
{
"name": "CVE-2010-4470",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4470"
},
{
"name": "CVE-2012-0500",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0500"
},
{
"name": "CVE-2012-0502",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0502"
},
{
"name": "CVE-2010-4473",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4473"
},
{
"name": "CVE-2011-3556",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3556"
},
{
"name": "CVE-2011-3545",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3545"
},
{
"name": "CVE-2010-0090",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0090"
},
{
"name": "CVE-2011-3548",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3548"
},
{
"name": "CVE-2010-0840",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0840"
},
{
"name": "CVE-2011-0864",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0864"
},
{
"name": "CVE-2010-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4447"
},
{
"name": "CVE-2011-0868",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0868"
},
{
"name": "CVE-2012-0507",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0507"
},
{
"name": "CVE-2010-0846",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0846"
},
{
"name": "CVE-2010-1321",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1321"
},
{
"name": "CVE-2010-4451",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4451"
},
{
"name": "CVE-2009-3871",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3871"
},
{
"name": "CVE-2012-0505",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0505"
},
{
"name": "CVE-2010-4452",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4452"
},
{
"name": "CVE-2010-4467",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4467"
},
{
"name": "CVE-2010-3552",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3552"
},
{
"name": "CVE-2010-3541",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3541"
},
{
"name": "CVE-2011-3554",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3554"
},
{
"name": "CVE-2010-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4450"
},
{
"name": "CVE-2011-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3555"
},
{
"name": "CVE-2010-3558",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3558"
},
{
"name": "CVE-2010-3549",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3549"
},
{
"name": "CVE-2009-3867",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3867"
},
{
"name": "CVE-2011-0866",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0866"
},
{
"name": "CVE-2010-4468",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4468"
},
{
"name": "CVE-2010-0844",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0844"
},
{
"name": "CVE-2010-0841",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0841"
},
{
"name": "CVE-2010-0845",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0845"
},
{
"name": "CVE-2010-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3573"
},
{
"name": "CVE-2010-3572",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3572"
},
{
"name": "CVE-2010-3559",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3559"
},
{
"name": "CVE-2011-3552",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3552"
},
{
"name": "CVE-2010-3571",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3571"
},
{
"name": "CVE-2012-0499",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0499"
},
{
"name": "CVE-2010-0089",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0089"
},
{
"name": "CVE-2011-0871",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0871"
},
{
"name": "CVE-2010-4422",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4422"
},
{
"name": "CVE-2011-3560",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3560"
},
{
"name": "CVE-2010-0886",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0886"
},
{
"name": "CVE-2010-4448",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4448"
},
{
"name": "CVE-2010-4462",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4462"
},
{
"name": "CVE-2010-0847",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0847"
},
{
"name": "CVE-2010-3566",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3566"
},
{
"name": "CVE-2010-3560",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3560"
},
{
"name": "CVE-2009-3872",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3872"
},
{
"name": "CVE-2011-0786",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0786"
},
{
"name": "CVE-2009-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
},
{
"name": "CVE-2011-3544",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3544"
},
{
"name": "CVE-2010-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3570"
},
{
"name": "CVE-2012-0506",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0506"
},
{
"name": "CVE-2011-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0802"
},
{
"name": "CVE-2012-0503",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0503"
},
{
"name": "CVE-2010-0843",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0843"
},
{
"name": "CVE-2010-3563",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3563"
},
{
"name": "CVE-2010-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3555"
},
{
"name": "CVE-2010-3556",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3556"
},
{
"name": "CVE-2010-0839",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0839"
},
{
"name": "CVE-2010-0849",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0849"
},
{
"name": "CVE-2011-3561",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3561"
},
{
"name": "CVE-2010-4471",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4471"
},
{
"name": "CVE-2010-4454",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4454"
},
{
"name": "CVE-2011-3551",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3551"
},
{
"name": "CVE-2010-0093",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0093"
},
{
"name": "CVE-2010-3569",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3569"
},
{
"name": "CVE-2010-0848",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0848"
},
{
"name": "CVE-2009-3876",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3876"
},
{
"name": "CVE-2011-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3521"
},
{
"name": "CVE-2011-0862",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0862"
},
{
"name": "CVE-2010-4472",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4472"
},
{
"name": "CVE-2009-3875",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3875"
},
{
"name": "CVE-2011-3563",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3563"
},
{
"name": "CVE-2010-4463",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4463"
},
{
"name": "CVE-2011-3553",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3553"
},
{
"name": "CVE-2010-3562",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3562"
},
{
"name": "CVE-2009-3869",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3869"
},
{
"name": "CVE-2011-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0865"
},
{
"name": "CVE-2010-0092",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0092"
},
{
"name": "CVE-2010-3568",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3568"
},
{
"name": "CVE-2010-3548",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3548"
},
{
"name": "CVE-2010-0085",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0085"
},
{
"name": "CVE-2010-0095",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0095"
},
{
"name": "CVE-2011-0815",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0815"
},
{
"name": "CVE-2011-0817",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0817"
},
{
"name": "CVE-2011-0863",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0863"
},
{
"name": "CVE-2010-3561",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3561"
},
{
"name": "CVE-2010-0091",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0091"
},
{
"name": "CVE-2010-4469",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4469"
},
{
"name": "CVE-2009-3873",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3873"
},
{
"name": "CVE-2012-0497",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0497"
},
{
"name": "CVE-2011-0873",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0873"
},
{
"name": "CVE-2011-3516",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3516"
},
{
"name": "CVE-2011-0814",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0814"
},
{
"name": "CVE-2010-4475",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4475"
},
{
"name": "CVE-2010-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3567"
},
{
"name": "CVE-2011-0788",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0788"
},
{
"name": "CVE-2010-3550",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3550"
},
{
"name": "CVE-2011-0869",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0869"
},
{
"name": "CVE-2012-0501",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0501"
},
{
"name": "CVE-2012-0504",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0504"
},
{
"name": "CVE-2010-0084",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0084"
},
{
"name": "CVE-2010-4466",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4466"
},
{
"name": "CVE-2011-3557",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3557"
},
{
"name": "CVE-2010-0887",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0887"
},
{
"name": "CVE-2011-0867",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0867"
},
{
"name": "CVE-2011-3549",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3549"
},
{
"name": "CVE-2010-3557",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3557"
},
{
"name": "CVE-2009-3874",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3874"
},
{
"name": "CVE-2010-3565",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3565"
},
{
"name": "CVE-2010-0088",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0088"
},
{
"name": "CVE-2010-0842",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0842"
},
{
"name": "CVE-2009-3868",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3868"
},
{
"name": "CVE-2010-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3574"
},
{
"name": "CVE-2011-3547",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3547"
},
{
"name": "CVE-2010-0837",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0837"
},
{
"name": "CVE-2010-4474",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4474"
},
{
"name": "CVE-2011-3550",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3550"
},
{
"name": "CVE-2009-3865",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3865"
},
{
"name": "CVE-2011-5035",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-5035"
},
{
"name": "CVE-2010-3551",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3551"
},
{
"name": "CVE-2010-3554",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3554"
},
{
"name": "CVE-2010-0094",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0094"
},
{
"name": "CVE-2012-0508",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0508"
},
{
"name": "CVE-2010-0082",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0082"
},
{
"name": "CVE-2012-0498",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0498"
},
{
"name": "CVE-2010-0087",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0087"
},
{
"name": "CVE-2011-0872",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0872"
},
{
"name": "CVE-2011-3546",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3546"
},
{
"name": "CVE-2011-3389",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3389"
},
{
"name": "CVE-2009-3866",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3866"
},
{
"name": "CVE-2010-3553",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3553"
},
{
"name": "CVE-2010-0838",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0838"
},
{
"name": "CVE-2010-0850",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0850"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 HP c03358587 du 16 juillet 2012 :",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03358587"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 HP c03405642 du 16 juillet 2012 :",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03405642"
}
],
"reference": "CERTA-2012-AVI-395",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-07-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan class=\"textit\"\u003eHP\nNetwork Node Manager i\u003c/span\u003e. Elles permettent \u00e0 un utilisateur\nmalintentionn\u00e9 de provoquer un d\u00e9ni de service \u00e0 distance et de porter\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 et \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans HP Network Node Manager i",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletins de s\u00e9curit\u00e9 HP c03358587 et c03405642 du 16 juillet 2012",
"url": null
}
]
}
CERTA-2010-AVI-500
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités dans Java SE et Java for Business peuvent être exploitées par un utilisateur malintentionné pour exécuter du code arbitraire à distance ou porter atteinte à la confidentialité et à l'intégrité des données.
Description
De multiples vulnérabilités ont été identifées dans Java SE et Java for Business. Elles peuvent être exploitées par un utilisateur distant malintentionné pour exécuter du code arbitraire ou porter atteinte à la confidentialité et à l'intégrité des données. Se référer à l'avis de mise à jour critique de Oracle pour une description complète des vulnérabilités corrigées.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | N/A | Java for Business, SDK 1.4.2_27 et antérieures pour Windows, Solaris et Linux. | ||
| Oracle | Java SE | Java SE, SDK version 1.4.2_27 et antérieures pour Solaris ; | ||
| Oracle | N/A | Java for Business, JDK et JRE 6 mise à jour 21 et antérieures pour Windows, Solaris et Linux ; | ||
| Oracle | N/A | Java for Business, JDK 5.0 mise à jour 25 et antérieures pour Solaris ; | ||
| Oracle | Java SE | Java SE, JDK et JRE 6 mise à jour 21 et antérieure pour Windows, Solaris et Linux ; | ||
| Oracle | Java SE | Java SE, JDK 5.0 mise à jour 25 et antérieures pour Solaris ; |
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Java for Business, SDK 1.4.2_27 et ant\u00e9rieures pour Windows, Solaris et Linux.",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Java SE, SDK version 1.4.2_27 et ant\u00e9rieures pour Solaris ;",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Java for Business, JDK et JRE 6 mise \u00e0 jour 21 et ant\u00e9rieures pour Windows, Solaris et Linux ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Java for Business, JDK 5.0 mise \u00e0 jour 25 et ant\u00e9rieures pour Solaris ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Java SE, JDK et JRE 6 mise \u00e0 jour 21 et ant\u00e9rieure pour Windows, Solaris et Linux ;",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Java SE, JDK 5.0 mise \u00e0 jour 25 et ant\u00e9rieures pour Solaris ;",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identif\u00e9es dans Java SE et Java for\nBusiness. Elles peuvent \u00eatre exploit\u00e9es par un utilisateur distant\nmalintentionn\u00e9 pour ex\u00e9cuter du code arbitraire ou porter atteinte \u00e0 la\nconfidentialit\u00e9 et \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es. Se r\u00e9f\u00e9rer \u00e0 l\u0027avis de\nmise \u00e0 jour critique de Oracle pour une description compl\u00e8te des\nvuln\u00e9rabilit\u00e9s corrig\u00e9es.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2010-1321",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1321"
},
{
"name": "CVE-2010-3552",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3552"
},
{
"name": "CVE-2010-3541",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3541"
},
{
"name": "CVE-2010-3558",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3558"
},
{
"name": "CVE-2010-3549",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3549"
},
{
"name": "CVE-2010-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3573"
},
{
"name": "CVE-2010-3572",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3572"
},
{
"name": "CVE-2010-3559",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3559"
},
{
"name": "CVE-2010-3571",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3571"
},
{
"name": "CVE-2010-3566",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3566"
},
{
"name": "CVE-2010-3560",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3560"
},
{
"name": "CVE-2010-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3570"
},
{
"name": "CVE-2010-3563",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3563"
},
{
"name": "CVE-2010-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3555"
},
{
"name": "CVE-2010-3556",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3556"
},
{
"name": "CVE-2010-3569",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3569"
},
{
"name": "CVE-2010-3562",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3562"
},
{
"name": "CVE-2010-3568",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3568"
},
{
"name": "CVE-2010-3548",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3548"
},
{
"name": "CVE-2010-3561",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3561"
},
{
"name": "CVE-2010-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3567"
},
{
"name": "CVE-2010-3550",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3550"
},
{
"name": "CVE-2010-3557",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3557"
},
{
"name": "CVE-2010-3565",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3565"
},
{
"name": "CVE-2010-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3574"
},
{
"name": "CVE-2010-3551",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3551"
},
{
"name": "CVE-2010-3554",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3554"
},
{
"name": "CVE-2010-3553",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3553"
}
],
"links": [
{
"title": "Avis de mise jour critique pour Oracle Java SE et Java for Business :",
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html"
}
],
"reference": "CERTA-2010-AVI-500",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2010-10-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s dans Java SE et Java for Business peuvent\n\u00eatre exploit\u00e9es par un utilisateur malintentionn\u00e9 pour ex\u00e9cuter du code\narbitraire \u00e0 distance ou porter atteinte \u00e0 la confidentialit\u00e9 et \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Java",
"vendor_advisories": [
{
"published_at": null,
"title": "Avis de mise \u00e0 jour critique Java SE et Java for Business d\u0027octobre 2010",
"url": null
}
]
}
CERTA-2011-AVI-609
Vulnerability from certfr_avis - Published: - Updated:
Plusieurs vulnérabilités dans les produits WMWare ont été corrigées. Elles permettent notamment à une personne malveillante d'exécuter du code arbitraire à distance.
Description
Plusieurs vulnérabilités présentes dans les produits VMWare ont été corrigées. L'exploitation de ces vulnérabilités permet à une personne distante malintentionnée de porter atteinte à la confidentialité et à l'intégrité des données, de provoquer un déni de service, de contourner la politique de sécurité ou d'exécuter du code arbitraire.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "VMWare vCenter Server 4.x ;",
"product": {
"name": "vCenter Server",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMWare VirtualCenter 2.x.",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMWare ESX Server 4.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMWare ESX Server 3.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMWare ESXi 4.x ;",
"product": {
"name": "ESXi",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMWare vCenter Update Manager 4.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans les produits VMWare ont \u00e9t\u00e9\ncorrig\u00e9es. L\u0027exploitation de ces vuln\u00e9rabilit\u00e9s permet \u00e0 une personne\ndistante malintentionn\u00e9e de porter atteinte \u00e0 la confidentialit\u00e9 et \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es, de provoquer un d\u00e9ni de service, de contourner\nla politique de s\u00e9curit\u00e9 ou d\u0027ex\u00e9cuter du code arbitraire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2010-4476",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4476"
},
{
"name": "CVE-2010-4465",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4465"
},
{
"name": "CVE-2010-4470",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4470"
},
{
"name": "CVE-2010-4473",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4473"
},
{
"name": "CVE-2011-0864",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0864"
},
{
"name": "CVE-2010-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4447"
},
{
"name": "CVE-2010-1321",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1321"
},
{
"name": "CVE-2010-4451",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4451"
},
{
"name": "CVE-2010-4452",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4452"
},
{
"name": "CVE-2010-4467",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4467"
},
{
"name": "CVE-2010-3552",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3552"
},
{
"name": "CVE-2010-3541",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3541"
},
{
"name": "CVE-2008-7270",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-7270"
},
{
"name": "CVE-2010-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4450"
},
{
"name": "CVE-2010-2054",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2054"
},
{
"name": "CVE-2010-3558",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3558"
},
{
"name": "CVE-2010-3549",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3549"
},
{
"name": "CVE-2010-4468",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4468"
},
{
"name": "CVE-2010-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3573"
},
{
"name": "CVE-2010-3572",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3572"
},
{
"name": "CVE-2010-3559",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3559"
},
{
"name": "CVE-2010-3571",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3571"
},
{
"name": "CVE-2011-0871",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0871"
},
{
"name": "CVE-2010-4422",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4422"
},
{
"name": "CVE-2010-4448",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4448"
},
{
"name": "CVE-2010-4462",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4462"
},
{
"name": "CVE-2010-3566",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3566"
},
{
"name": "CVE-2010-3560",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3560"
},
{
"name": "CVE-2010-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3570"
},
{
"name": "CVE-2010-3170",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3170"
},
{
"name": "CVE-2011-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0802"
},
{
"name": "CVE-2010-3563",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3563"
},
{
"name": "CVE-2010-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3555"
},
{
"name": "CVE-2010-3556",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3556"
},
{
"name": "CVE-2010-4471",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4471"
},
{
"name": "CVE-2010-4454",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4454"
},
{
"name": "CVE-2010-3569",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3569"
},
{
"name": "CVE-2011-0862",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0862"
},
{
"name": "CVE-2010-4180",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4180"
},
{
"name": "CVE-2010-4472",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4472"
},
{
"name": "CVE-2010-4463",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4463"
},
{
"name": "CVE-2010-3562",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3562"
},
{
"name": "CVE-2011-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0865"
},
{
"name": "CVE-2010-3568",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3568"
},
{
"name": "CVE-2010-3548",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3548"
},
{
"name": "CVE-2010-3173",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3173"
},
{
"name": "CVE-2011-0815",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0815"
},
{
"name": "CVE-2010-3561",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3561"
},
{
"name": "CVE-2010-4469",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4469"
},
{
"name": "CVE-2011-0873",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0873"
},
{
"name": "CVE-2011-0814",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0814"
},
{
"name": "CVE-2010-4475",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4475"
},
{
"name": "CVE-2010-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3567"
},
{
"name": "CVE-2010-3550",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3550"
},
{
"name": "CVE-2010-4466",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4466"
},
{
"name": "CVE-2011-0867",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0867"
},
{
"name": "CVE-2010-3557",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3557"
},
{
"name": "CVE-2010-3565",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3565"
},
{
"name": "CVE-2010-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3574"
},
{
"name": "CVE-2011-0002",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0002"
},
{
"name": "CVE-2010-4474",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4474"
},
{
"name": "CVE-2010-3551",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3551"
},
{
"name": "CVE-2010-3554",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3554"
},
{
"name": "CVE-2010-3553",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3553"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2011-0013 du 27 octobre 2011 :",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0013.html"
}
],
"reference": "CERTA-2011-AVI-609",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-10-31T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s dans les produits WMWare ont \u00e9t\u00e9 corrig\u00e9es.\nElles permettent notamment \u00e0 une personne malveillante d\u0027ex\u00e9cuter du\ncode arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMWare",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletins de s\u00e9curit\u00e9 VMWare VMSA-2011-0013 du 27 octobre 2011",
"url": null
}
]
}
CERTA-2012-AVI-395
Vulnerability from certfr_avis - Published: - Updated:
Plusieurs vulnérabilités ont été corrigées dans HP Network Node Manager i. Elles permettent à un utilisateur malintentionné de provoquer un déni de service à distance et de porter atteinte à l'intégrité et à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "HP Network Node Manager i 9.0x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "HP Network Node Manager i 9.1x.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2010-4476",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4476"
},
{
"name": "CVE-2011-3558",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3558"
},
{
"name": "CVE-2010-4465",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4465"
},
{
"name": "CVE-2010-4470",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4470"
},
{
"name": "CVE-2012-0500",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0500"
},
{
"name": "CVE-2012-0502",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0502"
},
{
"name": "CVE-2010-4473",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4473"
},
{
"name": "CVE-2011-3556",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3556"
},
{
"name": "CVE-2011-3545",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3545"
},
{
"name": "CVE-2010-0090",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0090"
},
{
"name": "CVE-2011-3548",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3548"
},
{
"name": "CVE-2010-0840",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0840"
},
{
"name": "CVE-2011-0864",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0864"
},
{
"name": "CVE-2010-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4447"
},
{
"name": "CVE-2011-0868",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0868"
},
{
"name": "CVE-2012-0507",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0507"
},
{
"name": "CVE-2010-0846",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0846"
},
{
"name": "CVE-2010-1321",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1321"
},
{
"name": "CVE-2010-4451",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4451"
},
{
"name": "CVE-2009-3871",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3871"
},
{
"name": "CVE-2012-0505",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0505"
},
{
"name": "CVE-2010-4452",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4452"
},
{
"name": "CVE-2010-4467",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4467"
},
{
"name": "CVE-2010-3552",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3552"
},
{
"name": "CVE-2010-3541",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3541"
},
{
"name": "CVE-2011-3554",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3554"
},
{
"name": "CVE-2010-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4450"
},
{
"name": "CVE-2011-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3555"
},
{
"name": "CVE-2010-3558",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3558"
},
{
"name": "CVE-2010-3549",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3549"
},
{
"name": "CVE-2009-3867",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3867"
},
{
"name": "CVE-2011-0866",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0866"
},
{
"name": "CVE-2010-4468",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4468"
},
{
"name": "CVE-2010-0844",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0844"
},
{
"name": "CVE-2010-0841",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0841"
},
{
"name": "CVE-2010-0845",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0845"
},
{
"name": "CVE-2010-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3573"
},
{
"name": "CVE-2010-3572",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3572"
},
{
"name": "CVE-2010-3559",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3559"
},
{
"name": "CVE-2011-3552",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3552"
},
{
"name": "CVE-2010-3571",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3571"
},
{
"name": "CVE-2012-0499",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0499"
},
{
"name": "CVE-2010-0089",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0089"
},
{
"name": "CVE-2011-0871",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0871"
},
{
"name": "CVE-2010-4422",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4422"
},
{
"name": "CVE-2011-3560",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3560"
},
{
"name": "CVE-2010-0886",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0886"
},
{
"name": "CVE-2010-4448",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4448"
},
{
"name": "CVE-2010-4462",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4462"
},
{
"name": "CVE-2010-0847",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0847"
},
{
"name": "CVE-2010-3566",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3566"
},
{
"name": "CVE-2010-3560",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3560"
},
{
"name": "CVE-2009-3872",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3872"
},
{
"name": "CVE-2011-0786",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0786"
},
{
"name": "CVE-2009-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
},
{
"name": "CVE-2011-3544",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3544"
},
{
"name": "CVE-2010-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3570"
},
{
"name": "CVE-2012-0506",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0506"
},
{
"name": "CVE-2011-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0802"
},
{
"name": "CVE-2012-0503",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0503"
},
{
"name": "CVE-2010-0843",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0843"
},
{
"name": "CVE-2010-3563",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3563"
},
{
"name": "CVE-2010-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3555"
},
{
"name": "CVE-2010-3556",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3556"
},
{
"name": "CVE-2010-0839",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0839"
},
{
"name": "CVE-2010-0849",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0849"
},
{
"name": "CVE-2011-3561",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3561"
},
{
"name": "CVE-2010-4471",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4471"
},
{
"name": "CVE-2010-4454",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4454"
},
{
"name": "CVE-2011-3551",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3551"
},
{
"name": "CVE-2010-0093",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0093"
},
{
"name": "CVE-2010-3569",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3569"
},
{
"name": "CVE-2010-0848",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0848"
},
{
"name": "CVE-2009-3876",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3876"
},
{
"name": "CVE-2011-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3521"
},
{
"name": "CVE-2011-0862",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0862"
},
{
"name": "CVE-2010-4472",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4472"
},
{
"name": "CVE-2009-3875",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3875"
},
{
"name": "CVE-2011-3563",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3563"
},
{
"name": "CVE-2010-4463",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4463"
},
{
"name": "CVE-2011-3553",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3553"
},
{
"name": "CVE-2010-3562",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3562"
},
{
"name": "CVE-2009-3869",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3869"
},
{
"name": "CVE-2011-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0865"
},
{
"name": "CVE-2010-0092",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0092"
},
{
"name": "CVE-2010-3568",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3568"
},
{
"name": "CVE-2010-3548",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3548"
},
{
"name": "CVE-2010-0085",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0085"
},
{
"name": "CVE-2010-0095",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0095"
},
{
"name": "CVE-2011-0815",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0815"
},
{
"name": "CVE-2011-0817",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0817"
},
{
"name": "CVE-2011-0863",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0863"
},
{
"name": "CVE-2010-3561",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3561"
},
{
"name": "CVE-2010-0091",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0091"
},
{
"name": "CVE-2010-4469",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4469"
},
{
"name": "CVE-2009-3873",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3873"
},
{
"name": "CVE-2012-0497",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0497"
},
{
"name": "CVE-2011-0873",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0873"
},
{
"name": "CVE-2011-3516",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3516"
},
{
"name": "CVE-2011-0814",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0814"
},
{
"name": "CVE-2010-4475",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4475"
},
{
"name": "CVE-2010-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3567"
},
{
"name": "CVE-2011-0788",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0788"
},
{
"name": "CVE-2010-3550",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3550"
},
{
"name": "CVE-2011-0869",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0869"
},
{
"name": "CVE-2012-0501",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0501"
},
{
"name": "CVE-2012-0504",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0504"
},
{
"name": "CVE-2010-0084",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0084"
},
{
"name": "CVE-2010-4466",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4466"
},
{
"name": "CVE-2011-3557",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3557"
},
{
"name": "CVE-2010-0887",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0887"
},
{
"name": "CVE-2011-0867",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0867"
},
{
"name": "CVE-2011-3549",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3549"
},
{
"name": "CVE-2010-3557",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3557"
},
{
"name": "CVE-2009-3874",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3874"
},
{
"name": "CVE-2010-3565",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3565"
},
{
"name": "CVE-2010-0088",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0088"
},
{
"name": "CVE-2010-0842",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0842"
},
{
"name": "CVE-2009-3868",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3868"
},
{
"name": "CVE-2010-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3574"
},
{
"name": "CVE-2011-3547",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3547"
},
{
"name": "CVE-2010-0837",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0837"
},
{
"name": "CVE-2010-4474",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4474"
},
{
"name": "CVE-2011-3550",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3550"
},
{
"name": "CVE-2009-3865",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3865"
},
{
"name": "CVE-2011-5035",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-5035"
},
{
"name": "CVE-2010-3551",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3551"
},
{
"name": "CVE-2010-3554",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3554"
},
{
"name": "CVE-2010-0094",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0094"
},
{
"name": "CVE-2012-0508",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0508"
},
{
"name": "CVE-2010-0082",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0082"
},
{
"name": "CVE-2012-0498",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0498"
},
{
"name": "CVE-2010-0087",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0087"
},
{
"name": "CVE-2011-0872",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0872"
},
{
"name": "CVE-2011-3546",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3546"
},
{
"name": "CVE-2011-3389",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3389"
},
{
"name": "CVE-2009-3866",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3866"
},
{
"name": "CVE-2010-3553",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3553"
},
{
"name": "CVE-2010-0838",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0838"
},
{
"name": "CVE-2010-0850",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0850"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 HP c03358587 du 16 juillet 2012 :",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03358587"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 HP c03405642 du 16 juillet 2012 :",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03405642"
}
],
"reference": "CERTA-2012-AVI-395",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-07-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan class=\"textit\"\u003eHP\nNetwork Node Manager i\u003c/span\u003e. Elles permettent \u00e0 un utilisateur\nmalintentionn\u00e9 de provoquer un d\u00e9ni de service \u00e0 distance et de porter\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 et \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans HP Network Node Manager i",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletins de s\u00e9curit\u00e9 HP c03358587 et c03405642 du 16 juillet 2012",
"url": null
}
]
}
FKIE_CVE-2010-3553
Vulnerability from fkie_nvd - Published: 2010-10-19 22:00 - Updated: 2026-04-29 01:13
Severity ?
Summary
Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | jre | * | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jdk | * | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | * | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | sdk | * | |
| sun | sdk | 1.4.2 | |
| sun | sdk | 1.4.2_1 | |
| sun | sdk | 1.4.2_02 | |
| sun | sdk | 1.4.2_3 | |
| sun | sdk | 1.4.2_4 | |
| sun | sdk | 1.4.2_5 | |
| sun | sdk | 1.4.2_6 | |
| sun | sdk | 1.4.2_7 | |
| sun | sdk | 1.4.2_8 | |
| sun | sdk | 1.4.2_9 | |
| sun | sdk | 1.4.2_10 | |
| sun | sdk | 1.4.2_11 | |
| sun | sdk | 1.4.2_12 | |
| sun | sdk | 1.4.2_13 | |
| sun | sdk | 1.4.2_14 | |
| sun | sdk | 1.4.2_15 | |
| sun | sdk | 1.4.2_16 | |
| sun | sdk | 1.4.2_17 | |
| sun | sdk | 1.4.2_18 | |
| sun | sdk | 1.4.2_19 | |
| sun | sdk | 1.4.2_20 | |
| sun | sdk | 1.4.2_21 | |
| sun | sdk | 1.4.2_22 | |
| sun | sdk | 1.4.2_23 | |
| sun | sdk | 1.4.2_24 | |
| sun | sdk | 1.4.2_25 | |
| sun | sdk | 1.4.2_26 | |
| sun | jre | * | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | * | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2_1 | |
| sun | jre | 1.4.2_2 | |
| sun | jre | 1.4.2_3 | |
| sun | jre | 1.4.2_4 | |
| sun | jre | 1.4.2_5 | |
| sun | jre | 1.4.2_6 | |
| sun | jre | 1.4.2_7 | |
| sun | jre | 1.4.2_8 | |
| sun | jre | 1.4.2_9 | |
| sun | jre | 1.4.2_10 | |
| sun | jre | 1.4.2_11 | |
| sun | jre | 1.4.2_12 | |
| sun | jre | 1.4.2_13 | |
| sun | jre | 1.4.2_14 | |
| sun | jre | 1.4.2_15 | |
| sun | jre | 1.4.2_16 | |
| sun | jre | 1.4.2_17 | |
| sun | jre | 1.4.2_18 | |
| sun | jre | 1.4.2_19 | |
| sun | jre | 1.4.2_20 | |
| sun | jre | 1.4.2_21 | |
| sun | jre | 1.4.2_22 | |
| sun | jre | 1.4.2_23 | |
| sun | jre | 1.4.2_24 | |
| sun | jre | 1.4.2_25 | |
| sun | jre | 1.4.2_26 | |
| sun | jdk | * | |
| sun | jdk | 1.3.0 | |
| sun | jdk | 1.3.0_01 | |
| sun | jdk | 1.3.0_02 | |
| sun | jdk | 1.3.0_03 | |
| sun | jdk | 1.3.0_04 | |
| sun | jdk | 1.3.0_05 | |
| sun | jdk | 1.3.1 | |
| sun | jdk | 1.3.1_01 | |
| sun | jdk | 1.3.1_01a | |
| sun | jdk | 1.3.1_02 | |
| sun | jdk | 1.3.1_03 | |
| sun | jdk | 1.3.1_04 | |
| sun | jdk | 1.3.1_05 | |
| sun | jdk | 1.3.1_06 | |
| sun | jdk | 1.3.1_07 | |
| sun | jdk | 1.3.1_08 | |
| sun | jdk | 1.3.1_09 | |
| sun | jdk | 1.3.1_10 | |
| sun | jdk | 1.3.1_11 | |
| sun | jdk | 1.3.1_12 | |
| sun | jdk | 1.3.1_13 | |
| sun | jdk | 1.3.1_14 | |
| sun | jdk | 1.3.1_15 | |
| sun | jdk | 1.3.1_16 | |
| sun | jdk | 1.3.1_17 | |
| sun | jdk | 1.3.1_18 | |
| sun | jdk | 1.3.1_19 | |
| sun | jdk | 1.3.1_20 | |
| sun | jdk | 1.3.1_21 | |
| sun | jdk | 1.3.1_22 | |
| sun | jdk | 1.3.1_23 | |
| sun | jdk | 1.3.1_24 | |
| sun | jdk | 1.3.1_25 | |
| sun | jdk | 1.3.1_26 | |
| sun | jdk | 1.3.1_27 | |
| sun | jre | * | |
| sun | jre | 1.3.0 | |
| sun | jre | 1.3.0 | |
| sun | jre | 1.3.0 | |
| sun | jre | 1.3.0 | |
| sun | jre | 1.3.0 | |
| sun | jre | 1.3.0 | |
| sun | jre | 1.3.1 | |
| sun | jre | 1.3.1 | |
| sun | jre | 1.3.1 | |
| sun | jre | 1.3.1_2 | |
| sun | jre | 1.3.1_03 | |
| sun | jre | 1.3.1_04 | |
| sun | jre | 1.3.1_05 | |
| sun | jre | 1.3.1_06 | |
| sun | jre | 1.3.1_07 | |
| sun | jre | 1.3.1_08 | |
| sun | jre | 1.3.1_09 | |
| sun | jre | 1.3.1_10 | |
| sun | jre | 1.3.1_11 | |
| sun | jre | 1.3.1_12 | |
| sun | jre | 1.3.1_13 | |
| sun | jre | 1.3.1_14 | |
| sun | jre | 1.3.1_15 | |
| sun | jre | 1.3.1_16 | |
| sun | jre | 1.3.1_17 | |
| sun | jre | 1.3.1_18 | |
| sun | jre | 1.3.1_19 | |
| sun | jre | 1.3.1_20 | |
| sun | jre | 1.3.1_21 | |
| sun | jre | 1.3.1_22 | |
| sun | jre | 1.3.1_23 | |
| sun | jre | 1.3.1_24 | |
| sun | jre | 1.3.1_25 | |
| sun | jre | 1.3.1_26 | |
| sun | jre | 1.3.1_27 | |
| sun | sdk | * | |
| sun | sdk | 1.3.0 | |
| sun | sdk | 1.3.0_01 | |
| sun | sdk | 1.3.0_02 | |
| sun | sdk | 1.3.0_03 | |
| sun | sdk | 1.3.0_04 | |
| sun | sdk | 1.3.0_05 | |
| sun | sdk | 1.3.1 | |
| sun | sdk | 1.3.1_01 | |
| sun | sdk | 1.3.1_01a | |
| sun | sdk | 1.3.1_02 | |
| sun | sdk | 1.3.1_03 | |
| sun | sdk | 1.3.1_04 | |
| sun | sdk | 1.3.1_05 | |
| sun | sdk | 1.3.1_06 | |
| sun | sdk | 1.3.1_07 | |
| sun | sdk | 1.3.1_08 | |
| sun | sdk | 1.3.1_09 | |
| sun | sdk | 1.3.1_10 | |
| sun | sdk | 1.3.1_11 | |
| sun | sdk | 1.3.1_12 | |
| sun | sdk | 1.3.1_13 | |
| sun | sdk | 1.3.1_14 | |
| sun | sdk | 1.3.1_15 | |
| sun | sdk | 1.3.1_16 | |
| sun | sdk | 1.3.1_17 | |
| sun | sdk | 1.3.1_18 | |
| sun | sdk | 1.3.1_19 | |
| sun | sdk | 1.3.1_20 | |
| sun | sdk | 1.3.1_21 | |
| sun | sdk | 1.3.1_22 | |
| sun | sdk | 1.3.1_23 | |
| sun | sdk | 1.3.1_24 | |
| sun | sdk | 1.3.1_25 | |
| sun | sdk | 1.3.1_26 | |
| sun | sdk | 1.3.1_27 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jre:*:update_21:*:*:*:*:*:*",
"matchCriteriaId": "ABFD6CCC-09CD-4A3E-9840-19BF50BE0BC1",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCD143C-057D-4F42-B487-46801E14ACF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "09027C19-D442-446F-B7A8-21DB6787CF43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "0A0FEC28-0707-4F42-9740-78F3D2D551EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "C3C5879A-A608-4230-9DC1-C27F0F48A13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "12A3B254-8580-45DB-BDE4-5B5A29CBFFB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "AADBB4F9-E43E-428B-9979-F47A15696C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "49260B94-05DE-4B78-9068-6F5F6BFDD19E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C4FDE9EB-08FE-436E-A265-30E83B15DB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "BE409D5C-8F9F-4DE9-ACB7-0E0B813F6399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "7158D2C0-E9AC-4CD6-B777-EA7B7A181997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "B08C075B-9FC0-4381-A9E4-FFF0362BD308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "90EC6C13-4B37-48E5-8199-A702A944D5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "2528152C-E20A-4D97-931C-A5EC3CEAA06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "A99DAB4C-272B-4C91-BC70-7729E1152590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "30DFC10A-A4D9-4F89-B17C-AB9260087D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "272A5C44-18EC-41A9-8233-E9D4D0734EA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:*:update_21:*:*:*:*:*:*",
"matchCriteriaId": "1D589153-3794-4A63-BD69-76A8DF572E55",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "722A93D8-B5BC-42F3-92A2-E424F61269A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "775F2611-F11C-4B84-8F40-0D034B81BF18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "F20FDD9F-FF45-48BC-9207-54FB02E76071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "9FA326F5-894A-4B01-BCA3-B126DA81CA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "228AB7B4-4BA4-43D4-B562-D438884DB152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "AFD5C688-2103-4D60-979E-D9BE69A989C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "21421215-F722-4207-A2E5-E2DF4B29859B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "BFB9EA23-0EF7-4582-A265-3F5AA9EC81B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C367B418-659E-4627-B1F1-1B1216C99055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "CD5E6D4E-DDDD-4B45-B5E9-F8A916287AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "7358492A-491C-491E-AEDF-63CB82619BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "D98175BF-B084-4FA5-899D-9E80DC3923EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "820632CE-F8DF-47EE-B716-7530E60008B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "FA2BD0A3-7B2D-447B-ABAC-7B867B03B632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "D54AB785-E9B7-47BD-B756-0C3A629D67DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "E9412098-0353-4F7B-9245-010557E6C651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "AD30DAEB-4893-41CF-A455-B69C463B9337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*",
"matchCriteriaId": "21D6CE7E-A036-496C-8E08-A87F62B5290A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:*:update25:*:*:*:*:*:*",
"matchCriteriaId": "9385CDB4-6A83-4E49-98BE-E425C3B32135",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A02CF738-1B4F-44D0-A618-3D3E4EF1C9B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "EE8E883F-E13D-4FB0-8C6F-B7628600E8D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "2AADA633-EB11-49A0-8E40-66589034F03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "19DC29C5-1B9F-46DF-ACF6-3FF93E45777D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "B120F7D9-7C1E-4716-B2FA-2990D449F754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "CD61E49F-2A46-4107-BB3F-527079983306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "D900AAE0-6032-4096-AFC2-3D43C55C6C83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "88B0958C-744C-4946-908C-09D2A5FAB120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "C3E7F3CA-FFB3-42B3-A64F-0E38FAF252FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "9A2D8D09-3F18-4E73-81CF-BB589BB8AEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "3FD24779-988F-4EC1-AC19-77186B68229E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "4F1E860E-98F2-48FF-B8B3-54D4B58BF81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "28BE548B-DD0C-4C58-98CA-5B803F04F9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "505A8F40-7758-412F-8895-FA1B00BE6B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "212F4A5F-87E3-4C62-BA21-46CBBCD8D26A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "5C4DFCD2-00A3-4BC7-8842-836CE22C7B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "EB3A0C49-3FF9-4CB7-9E01-F771D4925103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "F7D1BBD4-2F88-4372-B863-BB70753D841B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5F8E9AA0-8907-4B1A-86A1-08568195217D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "A337AD31-4566-4A4E-AFF3-7EAECD5C90F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "0754AFDC-2F1C-4C06-AB46-457B5E610029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "532CF9DD-0EBB-4B3B-BB9C-A8D78947A790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "DC0ABF7A-107B-4B97-9BD7-7B0CEDAAF359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "A5DA4242-30D9-44C8-9D0D-877348FFA22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "C61C6043-99D0-4F36-AF84-1A5F90B895EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "010B97F0-C7E3-4F20-81C9-76CADA5B03DD",
"versionEndIncluding": "1.4.2_27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "002CA86D-3090-4C7A-947A-21CB5D1ADD98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F6453C9-7EE0-4FFB-861D-C2D9416DCABA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_02:*:*:*:*:*:*:*",
"matchCriteriaId": "AF4E34FD-D927-42BB-8A16-031D77CB4B9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*",
"matchCriteriaId": "6DDE253E-C8B6-4C1D-AECE-ABEA1A67306B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*",
"matchCriteriaId": "A56D9A60-F272-4D4C-A9DD-C93DAF783585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*",
"matchCriteriaId": "EF109CAA-E8D2-4BD7-BE7C-AF8B2A78672E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*",
"matchCriteriaId": "976F4ACB-3725-45B7-B2EF-DEE4B88254E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*",
"matchCriteriaId": "52BDD6A8-1611-4C3C-865D-6EDB5B9F8D88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1F28FF-652A-4C89-9AC6-5E212F890811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*",
"matchCriteriaId": "96A8C351-E9CD-431B-8B9D-712CA54C7213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*",
"matchCriteriaId": "36888382-79C8-4C97-A654-C668CD68556F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*",
"matchCriteriaId": "F34C99E6-F9F0-4EF3-8601-B47EAE3D7273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*",
"matchCriteriaId": "A74DD08D-CEDB-460E-BED5-78F6CAF18BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*",
"matchCriteriaId": "E60560EC-6DBD-4A17-BFFA-FAD9193A0BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*",
"matchCriteriaId": "E4F64FBC-DC97-4FE3-A235-18B87945AF7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*",
"matchCriteriaId": "85048406-9051-4E69-94A8-5C449F3B89E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_16:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C88DD7-0B46-4405-BD35-60D27E2DBA14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_17:*:*:*:*:*:*:*",
"matchCriteriaId": "08D23B7C-7B8C-41B8-8D94-BB0F27C7F0A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_18:*:*:*:*:*:*:*",
"matchCriteriaId": "1C49B997-95D3-4DA4-A353-DB41AD461C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_19:*:*:*:*:*:*:*",
"matchCriteriaId": "6F70EF76-ED5F-4835-8252-FE613604FA3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_20:*:*:*:*:*:*:*",
"matchCriteriaId": "6BDBCAD8-CDF7-4550-8EA2-1409B02FFAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_21:*:*:*:*:*:*:*",
"matchCriteriaId": "7E691333-0434-4808-9ED4-E82C6EC2FD37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_22:*:*:*:*:*:*:*",
"matchCriteriaId": "BBE7A538-FF2E-4622-8479-781AB73CBA45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_23:*:*:*:*:*:*:*",
"matchCriteriaId": "CD491CD3-5763-4698-8893-2D5F5609BD89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_24:*:*:*:*:*:*:*",
"matchCriteriaId": "ADF4E465-6B0B-4295-81F7-D09ADB81394C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_25:*:*:*:*:*:*:*",
"matchCriteriaId": "E79C04F7-E3A1-4DF5-94E9-E96A6FC61FC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_26:*:*:*:*:*:*:*",
"matchCriteriaId": "5743F0FD-486D-4787-B53E-CCD220BBCDF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jre:*:update25:*:*:*:*:*:*",
"matchCriteriaId": "808C26BB-FA23-4A09-AEC1-9DB4E8199E48",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133A7B66-E0B3-4867-A5A4-3C54D6C0C8ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "A7FC09E8-7F30-4FE4-912E-588AA250E2A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "9919D091-73D7-465A-80FF-F37D6CAF9F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "02565D6F-4CB2-4671-A4EF-3169BCFA6154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "452A3E51-9EAC-451D-BA04-A1E7B7D917EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "3E8C6AAC-C90B-4220-A69B-2A886A35CF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "55231B6B-9298-4363-9B5A-14C2DA7B1F50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "E42CF0F7-418C-4BB6-9B73-FA3B9171D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "A5467E9D-07D8-4BEB-84D5-A3136C133519",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "B83B2CE1-45D7-47AD-BC0A-6EC74D5F8F5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "8A32F326-EA92-43CD-930E-E527B60CDD3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "7EA5B9E9-654D-44F7-AE98-3D8B382804AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "04344167-530E-4A4D-90EF-74C684943DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "B0E0373B-201D-408F-9234-A7EFE8B4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "15EAD76D-D5D0-4984-9D07-C1451D791083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "DE949EBF-2BC0-4355-8B28-B494023D45FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "7E0A0A2D-62B9-4A00-84EF-90C15E47A632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "44051CFE-D15D-4416-A123-F3E49C67A9E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "F296ACF3-1373-429D-B991-8B5BA704A7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "B863420B-DE16-416A-9640-1A1340A9B855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "724C972F-74FE-4044-BBC4-7E0E61FC9002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "EBE909DE-E55A-4BD3-A5BF-ADE407432193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "5DAC04D2-68FD-4793-A8E7-4690A543D7D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B8E3C70-5242-43DF-B04A-311C1C0D9EB9",
"versionEndIncluding": "1.4.2_27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63978872-E797-4F13-B0F9-98CB67D0962A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*",
"matchCriteriaId": "1EEAB662-644A-4D7B-8237-64142CF48724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*",
"matchCriteriaId": "D9598A49-95F2-42DB-B92C-CD026F739B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*",
"matchCriteriaId": "BED1009E-AE60-43A0-A0F5-38526EFCF423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*",
"matchCriteriaId": "D011585C-0E62-4233-85FA-F29A07D68DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*",
"matchCriteriaId": "F226D898-F0E8-41D8-BF40-54DE9FB5426D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB9CCD1-A67D-4800-9EC5-6E1A0B0B76E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*",
"matchCriteriaId": "CE28C283-447A-4F83-B96B-69F96E663C1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*",
"matchCriteriaId": "D102063B-2434-4141-98E7-2DE501AE1728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*",
"matchCriteriaId": "03B8CD03-CD31-4F4D-BA90-59435578A4F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*",
"matchCriteriaId": "41A994BF-1F64-480A-8AA5-748DDD0AB68C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*",
"matchCriteriaId": "88519F2D-AD06-4F05-BEDA-A09216F1B481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*",
"matchCriteriaId": "AC728978-368D-4B36-B149-70473E92BD1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*",
"matchCriteriaId": "FD5187B1-CB86-48E8-A595-9FCFD9822C0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*",
"matchCriteriaId": "6C660DE4-543A-4E9B-825D-CD099D08CBD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*",
"matchCriteriaId": "98C1942E-16C0-4EB2-AB57-43EC6EC9C3A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*",
"matchCriteriaId": "318719C9-7B01-4021-B2EF-8341254DFE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_17:*:*:*:*:*:*:*",
"matchCriteriaId": "DB8FA9BA-51CA-4473-9FE1-9A32FB8C8041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_18:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5E64B6-77DA-44BC-B646-AE01041B1830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_19:*:*:*:*:*:*:*",
"matchCriteriaId": "2DA35E80-9E0E-4A26-B631-A61542BE4739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_20:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEB5367-1BB8-4ED3-8C04-ABA6BAA5AD10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_21:*:*:*:*:*:*:*",
"matchCriteriaId": "BED9E7C8-0418-4733-A496-61CCFD638859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_22:*:*:*:*:*:*:*",
"matchCriteriaId": "6566CE32-E042-424A-893B-C8A9E26E2869",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_23:*:*:*:*:*:*:*",
"matchCriteriaId": "B760192E-7193-4FEF-8FFA-680AC89D45A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_24:*:*:*:*:*:*:*",
"matchCriteriaId": "1C020210-8EBA-41D2-BE4A-962CD902857C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_25:*:*:*:*:*:*:*",
"matchCriteriaId": "076444F1-543E-4061-9D39-415A1A889F5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_26:*:*:*:*:*:*:*",
"matchCriteriaId": "B29C4AA1-30F8-4AA3-A8B5-4125CF9B66F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2221585A-D55B-4127-BA51-9AEA93DA9809",
"versionEndIncluding": "1.3.1_28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1AA4DE59-4CF5-49F4-8625-0F3DA2DB7020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.0_01:*:*:*:*:*:*:*",
"matchCriteriaId": "4BC733B9-1694-44E3-BF58-34BABBA4E08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.0_02:*:*:*:*:*:*:*",
"matchCriteriaId": "991AEC76-0494-4085-9427-52D8BDD75753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.0_03:*:*:*:*:*:*:*",
"matchCriteriaId": "12763342-3D3A-4744-941D-4DFD33F79515",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.0_04:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E28D80-D908-4F17-BF3D-62C970A4D54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.0_05:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D8BC0C-13B8-472D-A077-F2039A637326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "15AAA894-90A8-4B08-A392-5CB36ABE6F54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_01:*:*:*:*:*:*:*",
"matchCriteriaId": "C09F9315-CE9E-4F20-9E8A-597896057A1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_01a:*:*:*:*:*:*:*",
"matchCriteriaId": "88DB55B2-7D7F-4EB8-8E29-7D15F735A286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_02:*:*:*:*:*:*:*",
"matchCriteriaId": "38CDFAD5-389F-4F08-AF24-5D8782E86225",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_03:*:*:*:*:*:*:*",
"matchCriteriaId": "EE962961-9E1D-4164-A11A-0CA6DC4FFBAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_04:*:*:*:*:*:*:*",
"matchCriteriaId": "6E8244F8-C212-420B-BB12-F58B84B64335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_05:*:*:*:*:*:*:*",
"matchCriteriaId": "1E7BB67D-0D40-4C92-8005-C1F876629304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_06:*:*:*:*:*:*:*",
"matchCriteriaId": "926B3423-5AB8-4A7C-A83E-5C363A783AF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_07:*:*:*:*:*:*:*",
"matchCriteriaId": "8F623253-2FF5-4398-AF23-A56F06008301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_08:*:*:*:*:*:*:*",
"matchCriteriaId": "A4EE7212-2AF1-4D10-826B-3B6EDDDA6DDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_09:*:*:*:*:*:*:*",
"matchCriteriaId": "9B5A02FE-614B-4B8C-AB9A-57F5C32B36A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_10:*:*:*:*:*:*:*",
"matchCriteriaId": "4E781B3C-EA57-4CA6-9F03-117C52552AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_11:*:*:*:*:*:*:*",
"matchCriteriaId": "1227F19E-5A69-422F-A2E1-5280B1836C94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_12:*:*:*:*:*:*:*",
"matchCriteriaId": "18FE8DE3-A93A-4884-9131-84715C776545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_13:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3D41B2-05C4-4EB5-9124-FFC887A010F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_14:*:*:*:*:*:*:*",
"matchCriteriaId": "95E09BF6-A2E4-49F3-9E8C-3C7EB5FE782B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_15:*:*:*:*:*:*:*",
"matchCriteriaId": "BB23A52B-0F6E-4570-9B72-0D07CF26D536",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_16:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E1566F-1257-428F-8DA9-29DB0DF5D647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_17:*:*:*:*:*:*:*",
"matchCriteriaId": "A84080AF-E076-40FD-BDEB-727AAE986AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_18:*:*:*:*:*:*:*",
"matchCriteriaId": "6FD02135-C3C2-4FCC-A85C-353CD321B97A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_19:*:*:*:*:*:*:*",
"matchCriteriaId": "10ACCA84-F469-401B-A68F-0281E5C2D46E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_20:*:*:*:*:*:*:*",
"matchCriteriaId": "03B1DA4B-CE36-4828-B10F-8A854CCB368E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_21:*:*:*:*:*:*:*",
"matchCriteriaId": "55B201EA-49A8-407A-9893-B3988C936D13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_22:*:*:*:*:*:*:*",
"matchCriteriaId": "DD65ECF9-5495-4F69-B566-C1657473F08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_23:*:*:*:*:*:*:*",
"matchCriteriaId": "671EF738-7846-40A0-B070-649F637782F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_24:*:*:*:*:*:*:*",
"matchCriteriaId": "7714D90D-1BF0-4388-B086-17C6D1BC9D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_25:*:*:*:*:*:*:*",
"matchCriteriaId": "D54C9BE0-9009-41F6-B07F-855358EE5141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_26:*:*:*:*:*:*:*",
"matchCriteriaId": "9C144EF3-5228-4338-921E-547902CC6F1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_27:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9F5541-983B-42E3-AA7A-988028303B0C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAEC2A8A-EC23-4D62-88CA-D7BA1DB2D8BF",
"versionEndIncluding": "1.3.1_28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AAB87D43-2860-43DD-94EE-886D7D75A351",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "7F30BCF2-E6A3-49E9-98BC-7948244C8FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "8966374E-426B-42A7-9D62-9A9A14032390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "634F8387-DFBE-4B78-9063-65737160F13A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "923FA413-0F4E-4373-83F9-80DC9CA57D15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "A06743B3-2637-47C2-BD1A-28D9F584ED75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "399B06AC-E101-48EE-A362-D75F7072FF5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1:update1:*:*:*:*:*:*",
"matchCriteriaId": "F7F1CF2B-F0B6-45DD-88E1-C0BDF2B973BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1:update2:*:*:*:*:*:*",
"matchCriteriaId": "9B374EB2-85DC-4539-9050-F1E99BA7B2F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_2:*:*:*:*:*:*:*",
"matchCriteriaId": "0875E34D-8544-49B9-BAD9-8191CC103A07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_03:*:*:*:*:*:*:*",
"matchCriteriaId": "62E772B9-8E41-476F-81F5-87B41F1827A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_04:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE78463-2CE8-43C6-BB06-AA40C72B1A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_05:*:*:*:*:*:*:*",
"matchCriteriaId": "31A04480-92DF-49AD-9B36-7F1FCB29DE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_06:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FD0B72-683D-4FF6-BCF5-5DE85BF3064B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_07:*:*:*:*:*:*:*",
"matchCriteriaId": "F78CD4B5-4B1D-4128-8AEA-2F967C38C6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_08:*:*:*:*:*:*:*",
"matchCriteriaId": "62CAA3E7-9D65-48F3-ACF7-9D705D94DE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_09:*:*:*:*:*:*:*",
"matchCriteriaId": "477C310B-50AD-4D40-8EDB-4A80F0BF321D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_10:*:*:*:*:*:*:*",
"matchCriteriaId": "60A1F526-6B28-47A3-8D2C-06CA067E9164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_11:*:*:*:*:*:*:*",
"matchCriteriaId": "17F09D9E-B04B-477E-86E6-E1B1F9650973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_12:*:*:*:*:*:*:*",
"matchCriteriaId": "6F929C59-9602-4962-95B4-4165D66E5935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_13:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B76949-9282-44D0-8075-74E482CE9A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_14:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B072DD-FC4F-4E07-9837-0E16017CA4AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_15:*:*:*:*:*:*:*",
"matchCriteriaId": "969BE4EC-4D13-4B74-8137-FA0F83F0FDC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_16:*:*:*:*:*:*:*",
"matchCriteriaId": "86408019-1B53-4AA8-9F05-47EBD0466EE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_17:*:*:*:*:*:*:*",
"matchCriteriaId": "81F47561-F59C-4904-8E05-D8A9629405A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_18:*:*:*:*:*:*:*",
"matchCriteriaId": "FB067445-8EA5-460F-B625-C21251E5A8D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_19:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C075BC-607E-47A1-A32D-B912D2FA03BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_20:*:*:*:*:*:*:*",
"matchCriteriaId": "007175B8-48DB-46BE-B971-FB57B6A33723",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_21:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E6F92A-FC59-4CE7-B7F8-94CBF3DC8F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_22:*:*:*:*:*:*:*",
"matchCriteriaId": "496901D5-014D-4920-A343-91A56F6FEFA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_23:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D18FBC-4C9B-4722-90AB-028D281654F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_24:*:*:*:*:*:*:*",
"matchCriteriaId": "853BC114-592C-43FE-B227-EF41C494DC98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_25:*:*:*:*:*:*:*",
"matchCriteriaId": "B1F4E031-CE92-48C4-BECC-7C1190DB477A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_26:*:*:*:*:*:*:*",
"matchCriteriaId": "CE89CF12-7E4D-4EF3-8831-9FBC9211C18C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_27:*:*:*:*:*:*:*",
"matchCriteriaId": "D671CFAE-B8C5-449E-9F08-189657A18B26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "349CD499-5252-413A-868E-BE26BE8411AB",
"versionEndIncluding": "1.3.1_28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6718104E-82B3-4160-9968-4980C309EC8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.0_01:*:*:*:*:*:*:*",
"matchCriteriaId": "A1406B61-0BC7-4547-8D0F-562DEE3E55A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.0_02:*:*:*:*:*:*:*",
"matchCriteriaId": "BE423757-A0B5-43CF-A134-80F951DD9ECE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.0_03:*:*:*:*:*:*:*",
"matchCriteriaId": "88A29EE6-22D9-47FE-9C95-CBA57FF90E0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.0_04:*:*:*:*:*:*:*",
"matchCriteriaId": "5FAEFB1C-FBAB-4D3A-A020-F217177D305B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.0_05:*:*:*:*:*:*:*",
"matchCriteriaId": "807D8661-DA23-4CBB-A001-F6D93E155604",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "167D85F7-0D94-49CC-8A5E-F5FAB00ADFBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_01:*:*:*:*:*:*:*",
"matchCriteriaId": "34710306-D6CF-4D07-84BF-71A8839BE416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_01a:*:*:*:*:*:*:*",
"matchCriteriaId": "44B93DC8-6375-4B41-B9BC-F22F592C56B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_02:*:*:*:*:*:*:*",
"matchCriteriaId": "87BF46A9-8E4A-4583-B35F-052FD481DF66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_03:*:*:*:*:*:*:*",
"matchCriteriaId": "32B351BB-6CA6-4CEF-9F5D-ED47774FC676",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_04:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA40FCD-1D34-4C47-908F-697433236153",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_05:*:*:*:*:*:*:*",
"matchCriteriaId": "00639A84-BD03-4BD9-A655-F806693DBC8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_06:*:*:*:*:*:*:*",
"matchCriteriaId": "14824B23-FF9F-4D6D-9D02-12B79BE346A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_07:*:*:*:*:*:*:*",
"matchCriteriaId": "6493744C-A69D-4377-937E-85E7F5535EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_08:*:*:*:*:*:*:*",
"matchCriteriaId": "C09019B1-B873-41CE-951E-4777F324729C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_09:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4209A0-E73F-4B5A-9925-B5D20F879455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_10:*:*:*:*:*:*:*",
"matchCriteriaId": "297DF5AD-FC22-432B-AE6A-2B1E6CFE1BE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_11:*:*:*:*:*:*:*",
"matchCriteriaId": "BFB8516D-03C4-478D-AFE2-824867FDC739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_12:*:*:*:*:*:*:*",
"matchCriteriaId": "F82AED17-FEC3-47D0-A395-26ACD07FBE52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_13:*:*:*:*:*:*:*",
"matchCriteriaId": "9630BC7B-9039-4FA6-86F8-5274783F3EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_14:*:*:*:*:*:*:*",
"matchCriteriaId": "F1A6A15C-216A-42B1-84EF-B3D9A313D4A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_15:*:*:*:*:*:*:*",
"matchCriteriaId": "EC39C819-9439-4029-8377-F6D58B3DFDFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_16:*:*:*:*:*:*:*",
"matchCriteriaId": "A053DEF6-1317-4DA8-91D7-E1970DA62351",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_17:*:*:*:*:*:*:*",
"matchCriteriaId": "F0DBFDD8-40AE-44F2-8F02-FB7A4FAE5235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_18:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0605FF-3DDC-4F3A-8171-F3A447E9C292",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_19:*:*:*:*:*:*:*",
"matchCriteriaId": "801FF3B4-0729-4710-BFC2-4B078029944F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_20:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB8591E-3D6E-489B-B0D6-CEBB9D09EA68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_21:*:*:*:*:*:*:*",
"matchCriteriaId": "8A411676-6666-4B54-A008-443B9B42F670",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_22:*:*:*:*:*:*:*",
"matchCriteriaId": "0AEDC9B2-8AA6-4DA2-A187-49A1DD106725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_23:*:*:*:*:*:*:*",
"matchCriteriaId": "8F69BEE4-CB4B-436A-9838-13239B368CF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_24:*:*:*:*:*:*:*",
"matchCriteriaId": "11AC1050-38AF-49F4-A40C-AAF9710204AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_25:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA939E8-8747-4532-B6B4-6E83824C7067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_26:*:*:*:*:*:*:*",
"matchCriteriaId": "8714FA4A-6D0B-4D13-93EE-8A7674DF2736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_27:*:*:*:*:*:*:*",
"matchCriteriaId": "DA78C21D-2669-4107-A07B-0AA2C7B1EC16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Swing de Oracle Java SE y Java for Business v6 Update 21, v5.0 Update 25, v1.4.2_27 y v1.3.1_28 permite a atacantes remotos comprometer la confidencialidad, integridad y disponibilidad mediante vectores desconocidos."
}
],
"evaluatorComment": "Per: http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html\r\n\r\n\u0027May be vulnerable only through untrusted Java Web Start applications and Java applets.\u0027",
"id": "CVE-2010-3553",
"lastModified": "2026-04-29T01:13:23.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-10-19T22:00:02.923",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02616748"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/41972"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/42974"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/43005"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/44954"
},
{
"source": "secalert_us@oracle.com",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"url": "http://support.avaya.com/css/P8/documents/100114315"
},
{
"source": "secalert_us@oracle.com",
"url": "http://support.avaya.com/css/P8/documents/100114327"
},
{
"source": "secalert_us@oracle.com",
"url": "http://support.avaya.com/css/P8/documents/100123193"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0786.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0986.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0169.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/44035"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-1010-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.vupen.com/english/advisories/2010/2745"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.vupen.com/english/advisories/2011/0183"
},
{
"source": "secalert_us@oracle.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11798"
},
{
"source": "secalert_us@oracle.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02616748"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/41972"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/42974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/43005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/44954"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/css/P8/documents/100114315"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/css/P8/documents/100114327"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/css/P8/documents/100123193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0786.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0986.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0169.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/44035"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1010-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/2745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12545"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-2V8J-QH76-QVV8
Vulnerability from github – Published: 2022-05-14 02:15 – Updated: 2022-05-14 02:15
VLAI?
Details
Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class.
{
"affected": [],
"aliases": [
"CVE-2010-3553"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2010-10-19T22:00:00Z",
"severity": "HIGH"
},
"details": "Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class.",
"id": "GHSA-2v8j-qh76-qvv8",
"modified": "2022-05-14T02:15:45Z",
"published": "2022-05-14T02:15:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3553"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11798"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12545"
},
{
"type": "WEB",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02616748"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/41972"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/42974"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/43005"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/44954"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"type": "WEB",
"url": "http://support.avaya.com/css/P8/documents/100114315"
},
{
"type": "WEB",
"url": "http://support.avaya.com/css/P8/documents/100114327"
},
{
"type": "WEB",
"url": "http://support.avaya.com/css/P8/documents/100123193"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0786.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0986.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0169.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/44035"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-1010-1"
},
{
"type": "WEB",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2010/2745"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2011/0183"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2010-3553
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2010-3553",
"description": "Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class.",
"id": "GSD-2010-3553",
"references": [
"https://www.suse.com/security/cve/CVE-2010-3553.html",
"https://access.redhat.com/errata/RHSA-2011:0880",
"https://access.redhat.com/errata/RHSA-2011:0169",
"https://access.redhat.com/errata/RHSA-2010:0987",
"https://access.redhat.com/errata/RHSA-2010:0986",
"https://access.redhat.com/errata/RHSA-2010:0865",
"https://access.redhat.com/errata/RHSA-2010:0786",
"https://access.redhat.com/errata/RHSA-2010:0770",
"https://access.redhat.com/errata/RHSA-2010:0768",
"https://linux.oracle.com/cve/CVE-2010-3553.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2010-3553"
],
"details": "Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class.",
"id": "GSD-2010-3553",
"modified": "2023-12-13T01:21:33.852258Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2010-3553",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.avaya.com/css/P8/documents/100114327",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100114327"
},
{
"name": "RHSA-2010:0865",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html"
},
{
"name": "http://support.avaya.com/css/P8/documents/100114315",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100114315"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "HPSBMU02799",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "SUSE-SA:2010:061",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html"
},
{
"name": "RHSA-2010:0770",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html"
},
{
"name": "SSRT100333",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02616748"
},
{
"name": "RHSA-2010:0768",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html"
},
{
"name": "ADV-2011-0183",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0183"
},
{
"name": "FEDORA-2010-16240",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html"
},
{
"name": "USN-1010-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1010-1"
},
{
"name": "RHSA-2010:0987",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html"
},
{
"name": "RHSA-2010:0986",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0986.html"
},
{
"name": "44954",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44954"
},
{
"name": "oval:org.mitre.oval:def:11798",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11798"
},
{
"name": "44035",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44035"
},
{
"name": "RHSA-2011:0880",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html"
},
{
"name": "RHSA-2011:0169",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0169.html"
},
{
"name": "oval:org.mitre.oval:def:12545",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12545"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name": "42974",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42974"
},
{
"name": "41972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41972"
},
{
"name": "HPSBUX02608",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02616748"
},
{
"name": "http://support.avaya.com/css/P8/documents/100123193",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100123193"
},
{
"name": "RHSA-2010:0786",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0786.html"
},
{
"name": "43005",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43005"
},
{
"name": "SUSE-SR:2010:019",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
},
{
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name": "FEDORA-2010-16312",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html"
},
{
"name": "ADV-2010-2745",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2745"
},
{
"name": "FEDORA-2010-16294",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:*:update_21:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.6.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:*:update_21:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:*:update25:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.4.2_27",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.4.2_25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:*:update25:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2_26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.4.2_27",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_01a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_08:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_09:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.0_01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.0_02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.3.1_28",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.0_03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.0_04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_05:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.0_05:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_06:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_07:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.0:update3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.0:update4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_06:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_07:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.0:update5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1:update1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_08:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_09:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1:update2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.0:update1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.0:update2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_05:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.3.1_28",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.0_02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.0_03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.3.1_28",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.0_01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_01a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.0_04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.0_05:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_05:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_06:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_07:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_08:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_09:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:sdk:1.3.1_25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2010-3553"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html"
},
{
"name": "ADV-2010-2745",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2010/2745"
},
{
"name": "RHSA-2010:0770",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html"
},
{
"name": "http://support.avaya.com/css/P8/documents/100114327",
"refsource": "CONFIRM",
"tags": [],
"url": "http://support.avaya.com/css/P8/documents/100114327"
},
{
"name": "http://support.avaya.com/css/P8/documents/100114315",
"refsource": "CONFIRM",
"tags": [],
"url": "http://support.avaya.com/css/P8/documents/100114315"
},
{
"name": "USN-1010-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/USN-1010-1"
},
{
"name": "RHSA-2010:0786",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0786.html"
},
{
"name": "FEDORA-2010-16240",
"refsource": "FEDORA",
"tags": [],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html"
},
{
"name": "FEDORA-2010-16312",
"refsource": "FEDORA",
"tags": [],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html"
},
{
"name": "41972",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/41972"
},
{
"name": "FEDORA-2010-16294",
"refsource": "FEDORA",
"tags": [],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html"
},
{
"name": "RHSA-2010:0865",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html"
},
{
"name": "RHSA-2010:0768",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html"
},
{
"name": "44035",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/44035"
},
{
"name": "RHSA-2010:0986",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0986.html"
},
{
"name": "RHSA-2010:0987",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html"
},
{
"name": "SUSE-SR:2010:019",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
},
{
"name": "SUSE-SA:2010:061",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html"
},
{
"name": "SSRT100333",
"refsource": "HP",
"tags": [],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02616748"
},
{
"name": "http://support.avaya.com/css/P8/documents/100123193",
"refsource": "CONFIRM",
"tags": [],
"url": "http://support.avaya.com/css/P8/documents/100123193"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
},
{
"name": "ADV-2011-0183",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2011/0183"
},
{
"name": "RHSA-2011:0169",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0169.html"
},
{
"name": "42974",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/42974"
},
{
"name": "43005",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/43005"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"name": "RHSA-2011:0880",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html"
},
{
"name": "44954",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/44954"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"tags": [],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "HPSBMU02799",
"refsource": "HP",
"tags": [],
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:12545",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12545"
},
{
"name": "oval:org.mitre.oval:def:11798",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11798"
},
{
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2018-10-30T16:26Z",
"publishedDate": "2010-10-19T22:00Z"
}
}
}
RHSA-2010:0768
Vulnerability from csaf_redhat - Published: 2010-10-13 16:22 - Updated: 2025-11-21 17:36Summary
Red Hat Security Advisory: java-1.6.0-openjdk security and bug fix update
Severity
Important
Notes
Topic: Updated java-1.6.0-openjdk packages that fix several security issues and
two bugs are now available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details: These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit.
defaultReadObject of the Serialization API could be tricked into setting a
volatile field multiple times, which could allow a remote attacker to
execute arbitrary code with the privileges of the user running the applet
or application. (CVE-2010-3569)
Race condition in the way objects were deserialized could allow an
untrusted applet or application to misuse the privileges of the user
running the applet or application. (CVE-2010-3568)
Miscalculation in the OpenType font rendering implementation caused
out-of-bounds memory access, which could allow remote attackers to execute
code with the privileges of the user running the java process.
(CVE-2010-3567)
JPEGImageWriter.writeImage in the imageio API improperly checked certain
image metadata, which could allow a remote attacker to execute arbitrary
code in the context of the user running the applet or application.
(CVE-2010-3565)
Double free in IndexColorModel could cause an untrusted applet or
application to crash or, possibly, execute arbitrary code with the
privileges of the user running the applet or application. (CVE-2010-3562)
The privileged accept method of the ServerSocket class in the Common Object
Request Broker Architecture (CORBA) implementation in OpenJDK allowed it to
receive connections from any host, instead of just the host of the current
connection. An attacker could use this flaw to bypass restrictions defined
by network permissions. (CVE-2010-3561)
Flaws in the Swing library could allow an untrusted application to modify
the behavior and state of certain JDK classes. (CVE-2010-3557)
Flaws in the CORBA implementation could allow an attacker to execute
arbitrary code by misusing permissions granted to certain system objects.
(CVE-2010-3554)
UIDefault.ProxyLazyValue had unsafe reflection usage, allowing untrusted
callers to create objects via ProxyLazyValue values. (CVE-2010-3553)
HttpURLConnection improperly handled the "chunked" transfer encoding
method, which could allow remote attackers to conduct HTTP response
splitting attacks. (CVE-2010-3549)
HttpURLConnection improperly checked whether the calling code was granted
the "allowHttpTrace" permission, allowing untrusted code to create HTTP
TRACE requests. (CVE-2010-3574)
HttpURLConnection did not validate request headers set by applets, which
could allow remote attackers to trigger actions otherwise restricted to
HTTP clients. (CVE-2010-3541, CVE-2010-3573)
The Kerberos implementation improperly checked the sanity of AP-REQ
requests, which could cause a denial of service condition in the receiving
Java Virtual Machine. (CVE-2010-3564)
The RHSA-2010:0339 update mitigated a man-in-the-middle attack in the way
the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols
handle session renegotiation by disabling renegotiation. This update
implements the TLS Renegotiation Indication Extension as defined in RFC
5746, allowing secure renegotiation between updated clients and servers.
(CVE-2009-3555)
The NetworkInterface class improperly checked the network "connect"
permissions for local network addresses, which could allow remote attackers
to read local network addresses. (CVE-2010-3551)
Information leak flaw in the Java Naming and Directory Interface (JNDI)
could allow a remote attacker to access information about
otherwise-protected internal network names. (CVE-2010-3548)
Note: Flaws concerning applets in this advisory (CVE-2010-3568,
CVE-2010-3554, CVE-2009-3555, CVE-2010-3562, CVE-2010-3557, CVE-2010-3548,
CVE-2010-3564, CVE-2010-3565, CVE-2010-3569) can only be triggered in
OpenJDK by calling the "appletviewer" application.
Bug fixes:
* This update provides one defense in depth patch. (BZ#639922)
* Problems for certain SSL connections. In a reported case, this prevented
the JBoss JAAS modules from connecting over SSL to Microsoft Active
Directory servers. (BZ#618290)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
4.3 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to missing validation of request headers in the HttpURLConnection class when they are set by applets, which allows remote attackers to bypass the intended security policy.
5.1 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Java Naming and Directory Interface (JNDI) component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to determine internal IP addresses or "otherwise-protected internal network names."
5.0 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is an HTTP request splitting vulnerability involving the handling of the chunked transfer encoding method by the HttpURLConnection class.
6.8 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors.
5.0 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class.
7.5 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to "permissions granted to certain system objects."
7.5 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to the modification of "behavior and state of certain JDK classes" and "mutable static."
6.8 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this involves the use of the privileged accept method in the ServerSocket class, which does not limit which hosts can connect and allows remote attackers to bypass intended network access restrictions.
7.5 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a double free vulnerability in IndexColorModel that allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.
7.5 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that the Kerberos implementation does not properly check AP-REQ requests, which allows attackers to cause a denial of service in the JVM. NOTE: CVE has not investigated the apparent discrepancy between the two vendors regarding the consequences of this issue.
4.0 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow that triggers memory corruption via large values in a subsample of a JPEG image, related to JPEGImageWriter.writeImage in the imageio API.
7.5 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to a calculation error in right-to-left text character counts for the ICU OpenType font rendering implementation, which triggers an out-of-bounds memory access.
7.5 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a race condition related to deserialization.
7.5 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to execute arbitrary code by causing the defaultReadObject method in the Serialization API to set a volatile field multiple times.
7.5 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to missing validation of request headers in the HttpURLConnection class when they are set by applets, which allows remote attackers to bypass the intended security policy.
5.1 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that HttpURLConnection does not properly check for the allowHttpTrace permission, which allows untrusted code to perform HTTP TRACE requests.
5.1 ()
Affected products
Fixed
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
87 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated java-1.6.0-openjdk packages that fix several security issues and\ntwo bugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "These packages provide the OpenJDK 6 Java Runtime Environment and the\nOpenJDK 6 Software Development Kit.\n\ndefaultReadObject of the Serialization API could be tricked into setting a\nvolatile field multiple times, which could allow a remote attacker to\nexecute arbitrary code with the privileges of the user running the applet\nor application. (CVE-2010-3569)\n\nRace condition in the way objects were deserialized could allow an\nuntrusted applet or application to misuse the privileges of the user\nrunning the applet or application. (CVE-2010-3568)\n\nMiscalculation in the OpenType font rendering implementation caused\nout-of-bounds memory access, which could allow remote attackers to execute\ncode with the privileges of the user running the java process.\n(CVE-2010-3567)\n\nJPEGImageWriter.writeImage in the imageio API improperly checked certain\nimage metadata, which could allow a remote attacker to execute arbitrary\ncode in the context of the user running the applet or application.\n(CVE-2010-3565)\n\nDouble free in IndexColorModel could cause an untrusted applet or\napplication to crash or, possibly, execute arbitrary code with the\nprivileges of the user running the applet or application. (CVE-2010-3562)\n\nThe privileged accept method of the ServerSocket class in the Common Object\nRequest Broker Architecture (CORBA) implementation in OpenJDK allowed it to\nreceive connections from any host, instead of just the host of the current\nconnection. An attacker could use this flaw to bypass restrictions defined\nby network permissions. (CVE-2010-3561)\n\nFlaws in the Swing library could allow an untrusted application to modify\nthe behavior and state of certain JDK classes. (CVE-2010-3557)\n\nFlaws in the CORBA implementation could allow an attacker to execute\narbitrary code by misusing permissions granted to certain system objects.\n(CVE-2010-3554)\n\nUIDefault.ProxyLazyValue had unsafe reflection usage, allowing untrusted\ncallers to create objects via ProxyLazyValue values. (CVE-2010-3553)\n\nHttpURLConnection improperly handled the \"chunked\" transfer encoding\nmethod, which could allow remote attackers to conduct HTTP response\nsplitting attacks. (CVE-2010-3549)\n\nHttpURLConnection improperly checked whether the calling code was granted\nthe \"allowHttpTrace\" permission, allowing untrusted code to create HTTP\nTRACE requests. (CVE-2010-3574)\n\nHttpURLConnection did not validate request headers set by applets, which\ncould allow remote attackers to trigger actions otherwise restricted to\nHTTP clients. (CVE-2010-3541, CVE-2010-3573)\n\nThe Kerberos implementation improperly checked the sanity of AP-REQ\nrequests, which could cause a denial of service condition in the receiving\nJava Virtual Machine. (CVE-2010-3564)\n\nThe RHSA-2010:0339 update mitigated a man-in-the-middle attack in the way\nthe TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols\nhandle session renegotiation by disabling renegotiation. This update\nimplements the TLS Renegotiation Indication Extension as defined in RFC\n5746, allowing secure renegotiation between updated clients and servers.\n(CVE-2009-3555)\n\nThe NetworkInterface class improperly checked the network \"connect\"\npermissions for local network addresses, which could allow remote attackers\nto read local network addresses. (CVE-2010-3551)\n\nInformation leak flaw in the Java Naming and Directory Interface (JNDI)\ncould allow a remote attacker to access information about\notherwise-protected internal network names. (CVE-2010-3548)\n\nNote: Flaws concerning applets in this advisory (CVE-2010-3568,\nCVE-2010-3554, CVE-2009-3555, CVE-2010-3562, CVE-2010-3557, CVE-2010-3548,\nCVE-2010-3564, CVE-2010-3565, CVE-2010-3569) can only be triggered in\nOpenJDK by calling the \"appletviewer\" application.\n\nBug fixes:\n\n* This update provides one defense in depth patch. (BZ#639922)\n\n* Problems for certain SSL connections. In a reported case, this prevented\nthe JBoss JAAS modules from connecting over SSL to Microsoft Active\nDirectory servers. (BZ#618290)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0768",
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#important",
"url": "http://www.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/kb/docs/DOC-20491",
"url": "https://access.redhat.com/kb/docs/DOC-20491"
},
{
"category": "external",
"summary": "533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "external",
"summary": "618290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=618290"
},
{
"category": "external",
"summary": "639876",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639876"
},
{
"category": "external",
"summary": "639880",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639880"
},
{
"category": "external",
"summary": "639897",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639897"
},
{
"category": "external",
"summary": "639904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639904"
},
{
"category": "external",
"summary": "639909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639909"
},
{
"category": "external",
"summary": "639914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639914"
},
{
"category": "external",
"summary": "639920",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639920"
},
{
"category": "external",
"summary": "639922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639922"
},
{
"category": "external",
"summary": "639925",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639925"
},
{
"category": "external",
"summary": "642167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642167"
},
{
"category": "external",
"summary": "642180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642180"
},
{
"category": "external",
"summary": "642187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642187"
},
{
"category": "external",
"summary": "642197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642197"
},
{
"category": "external",
"summary": "642202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642202"
},
{
"category": "external",
"summary": "642215",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642215"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0768.json"
}
],
"title": "Red Hat Security Advisory: java-1.6.0-openjdk security and bug fix update",
"tracking": {
"current_release_date": "2025-11-21T17:36:49+00:00",
"generator": {
"date": "2025-11-21T17:36:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2010:0768",
"initial_release_date": "2010-10-13T16:22:00+00:00",
"revision_history": [
{
"date": "2010-10-13T16:22:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-10-13T12:23:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:36:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"product": {
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_id": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-devel@1.6.0.0-1.16.b17.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"product": {
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_id": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-src@1.6.0.0-1.16.b17.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"product": {
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_id": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-debuginfo@1.6.0.0-1.16.b17.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"product": {
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_id": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-demo@1.6.0.0-1.16.b17.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"product": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_id": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk@1.6.0.0-1.16.b17.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"product": {
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_id": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-javadoc@1.6.0.0-1.16.b17.el5?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"product": {
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"product_id": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-devel@1.6.0.0-1.16.b17.el5?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"product": {
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"product_id": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-src@1.6.0.0-1.16.b17.el5?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"product": {
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"product_id": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-debuginfo@1.6.0.0-1.16.b17.el5?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"product": {
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"product_id": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-demo@1.6.0.0-1.16.b17.el5?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"product": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"product_id": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk@1.6.0.0-1.16.b17.el5?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"product": {
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"product_id": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk-javadoc@1.6.0.0-1.16.b17.el5?arch=i386\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"product": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"product_id": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-openjdk@1.6.0.0-1.16.b17.el5?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src"
},
"product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src"
},
"product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386"
},
"product_reference": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
},
"product_reference": "java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-3555",
"cwe": {
"id": "CWE-300",
"name": "Channel Accessible by Non-Endpoint"
},
"discovery_date": "2009-10-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "533125"
}
],
"notes": [
{
"category": "description",
"text": "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "TLS: MITM attacks via session renegotiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Additional information can be found in the Red Hat Knowledgebase article:\nhttps://access.redhat.com/articles/20490",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3555"
},
{
"category": "external",
"summary": "RHBZ#533125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555"
}
],
"release_date": "2009-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "TLS: MITM attacks via session renegotiation"
},
{
"cve": "CVE-2010-3541",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "642202"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to missing validation of request headers in the HttpURLConnection class when they are set by applets, which allows remote attackers to bypass the intended security policy.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3541"
},
{
"category": "external",
"summary": "RHBZ#642202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642202"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3541",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3541"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3541",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3541"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004)"
},
{
"cve": "CVE-2010-3548",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "639909"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Naming and Directory Interface (JNDI) component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to determine internal IP addresses or \"otherwise-protected internal network names.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK DNS server IP address information leak (6957564)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3548"
},
{
"category": "external",
"summary": "RHBZ#639909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639909"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3548",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3548"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3548",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3548"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK DNS server IP address information leak (6957564)"
},
{
"cve": "CVE-2010-3549",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "642180"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is an HTTP request splitting vulnerability involving the handling of the chunked transfer encoding method by the HttpURLConnection class.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK HttpURLConnection request splitting (6952017)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3549"
},
{
"category": "external",
"summary": "RHBZ#642180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3549",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3549"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3549",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3549"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK HttpURLConnection request splitting (6952017)"
},
{
"cve": "CVE-2010-3551",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "642187"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK local network address disclosure (6952603)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3551"
},
{
"category": "external",
"summary": "RHBZ#642187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642187"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3551",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3551"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3551",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3551"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK local network address disclosure (6952603)"
},
{
"cve": "CVE-2010-3553",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "642167"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Swing unsafe reflection usage (6622002)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3553"
},
{
"category": "external",
"summary": "RHBZ#642167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3553",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3553"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3553",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3553"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK Swing unsafe reflection usage (6622002)"
},
{
"cve": "CVE-2010-3554",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "639880"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to \"permissions granted to certain system objects.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK corba reflection vulnerabilities (6891766,6925672)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3554"
},
{
"category": "external",
"summary": "RHBZ#639880",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639880"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3554",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3554"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3554",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3554"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK corba reflection vulnerabilities (6891766,6925672)"
},
{
"cve": "CVE-2010-3557",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "639904"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to the modification of \"behavior and state of certain JDK classes\" and \"mutable static.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Swing mutable static (6938813)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3557"
},
{
"category": "external",
"summary": "RHBZ#639904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3557",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3557"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3557",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3557"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK Swing mutable static (6938813)"
},
{
"cve": "CVE-2010-3561",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "639880"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this involves the use of the privileged accept method in the ServerSocket class, which does not limit which hosts can connect and allows remote attackers to bypass intended network access restrictions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK corba reflection vulnerabilities (6891766,6925672)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3561"
},
{
"category": "external",
"summary": "RHBZ#639880",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639880"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3561",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3561"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3561",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3561"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK corba reflection vulnerabilities (6891766,6925672)"
},
{
"cve": "CVE-2010-3562",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "639897"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a double free vulnerability in IndexColorModel that allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK IndexColorModel double-free (6925710)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3562"
},
{
"category": "external",
"summary": "RHBZ#639897",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639897"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3562",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3562"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3562",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3562"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK IndexColorModel double-free (6925710)"
},
{
"cve": "CVE-2010-3564",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "639914"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that the Kerberos implementation does not properly check AP-REQ requests, which allows attackers to cause a denial of service in the JVM. NOTE: CVE has not investigated the apparent discrepancy between the two vendors regarding the consequences of this issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK kerberos vulnerability (6958060)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3564"
},
{
"category": "external",
"summary": "RHBZ#639914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639914"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3564"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3564",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3564"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK kerberos vulnerability (6958060)"
},
{
"cve": "CVE-2010-3565",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "639920"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow that triggers memory corruption via large values in a subsample of a JPEG image, related to JPEGImageWriter.writeImage in the imageio API.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK JPEG writeImage remote code execution (6963023)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3565"
},
{
"category": "external",
"summary": "RHBZ#639920",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639920"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3565",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3565"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK JPEG writeImage remote code execution (6963023)"
},
{
"cve": "CVE-2010-3567",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "642197"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to a calculation error in right-to-left text character counts for the ICU OpenType font rendering implementation, which triggers an out-of-bounds memory access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK ICU Opentype layout engine crash (6963285)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3567"
},
{
"category": "external",
"summary": "RHBZ#642197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3567"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3567",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3567"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK ICU Opentype layout engine crash (6963285)"
},
{
"cve": "CVE-2010-3568",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "639876"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a race condition related to deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Deserialization Race condition (6559775)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3568"
},
{
"category": "external",
"summary": "RHBZ#639876",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639876"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3568",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3568"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3568",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3568"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK Deserialization Race condition (6559775)"
},
{
"cve": "CVE-2010-3569",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "639925"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to execute arbitrary code by causing the defaultReadObject method in the Serialization API to set a volatile field multiple times.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK Serialization inconsistencies (6966692)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3569"
},
{
"category": "external",
"summary": "RHBZ#639925",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=639925"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3569",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3569"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3569",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3569"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK Serialization inconsistencies (6966692)"
},
{
"cve": "CVE-2010-3573",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "642202"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to missing validation of request headers in the HttpURLConnection class when they are set by applets, which allows remote attackers to bypass the intended security policy.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3573"
},
{
"category": "external",
"summary": "RHBZ#642202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642202"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3573"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3573",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3573"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004)"
},
{
"cve": "CVE-2010-3574",
"discovery_date": "2010-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "642215"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that HttpURLConnection does not properly check for the allowHttpTrace permission, which allows untrusted code to perform HTTP TRACE requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK HttpURLConnection incomplete TRACE permission check (6981426)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3574"
},
{
"category": "external",
"summary": "RHBZ#642215",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642215"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3574"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3574",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3574"
}
],
"release_date": "2010-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-13T16:22:00+00:00",
"details": "All java-1.6.0-openjdk users are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK\nJava must be restarted for the update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0768"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Client:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.src",
"5Server:java-1.6.0-openjdk-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.16.b17.el5.x86_64",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.i386",
"5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.16.b17.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK HttpURLConnection incomplete TRACE permission check (6981426)"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…