CVE-2010-0850

HIGH

Description

Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

References

http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751

http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html

http://marc.info/?l=bugtraq&m=134254866602253&w=2

http://secunia.com/advisories/39317

http://secunia.com/advisories/40545

http://secunia.com/advisories/43308

http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html

http://www.securityfocus.com/archive/1/516397/100/0/threaded

http://www.vmware.com/security/advisories/VMSA-2011-0003.html

http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html

http://www.vupen.com/english/advisories/2010/1793

Details

Source: MITRE

Published: 2010-04-01

Updated: 2018-10-10

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:sun:jdk:1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.0_01:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.0_02:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.0_03:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.0_04:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.0_05:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_01:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_01a:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_02:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_03:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_04:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_05:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_06:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_07:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_08:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_09:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_10:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_11:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_12:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_13:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_14:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_15:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_16:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_17:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_18:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_19:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_20:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_21:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_22:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_23:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_24:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_25:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.3.1_26:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:*:*:*:*:*:*:*:* versions up to 1.3.1_27 (inclusive)

Configuration 2

OR

cpe:2.3:a:sun:jre:1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.0:update1:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.0:update2:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.0:update3:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.0:update4:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.0:update5:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1:update1:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1:update2:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_2:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_03:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_04:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_05:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_06:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_07:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_08:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_09:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_10:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_11:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_12:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_13:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_14:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_15:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_16:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_17:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_18:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_19:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_20:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_21:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_22:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_23:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_24:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_25:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.3.1_26:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:* versions up to 1.3.1_27 (inclusive)

Configuration 3

OR

cpe:2.3:a:sun:sdk:1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.0_01:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.0_02:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.0_03:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.0_04:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.0_05:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_01:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_01a:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_02:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_03:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_04:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_05:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_06:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_07:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_08:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_09:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_10:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_11:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_12:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_13:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_14:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_15:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_16:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_17:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_18:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_19:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_20:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_21:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_22:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_23:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_24:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_25:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:1.3.1_26:*:*:*:*:*:*:*

cpe:2.3:a:sun:sdk:*:*:*:*:*:*:*:* versions up to 1.3.1_27 (inclusive)

Tenable Plugins

View all (9 total)

IDNameProductFamilySeverity
89674VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0003) (remote check)NessusMisc.
critical
64842Oracle Java SE Multiple Vulnerabilities (March 2010 CPU) (Unix)NessusMisc.
high
51971VMSA-2011-0003 : Third-party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESXNessusVMware ESX Local Security Checks
critical
50917SuSE 11 Security Update : Sun Java 6 (SAT Patch Number 2225)NessusSuSE Local Security Checks
high
46807GLSA-201006-18 : Oracle JRE/JDK: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
45465openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-2228)NessusSuSE Local Security Checks
high
45459openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-2228)NessusSuSE Local Security Checks
high
45454openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-2228)NessusSuSE Local Security Checks
high
45379Oracle Java SE Multiple Vulnerabilities (March 2010 CPU)NessusWindows
high