CVE-2010-3560

LOW

Description

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality via unknown vectors.

References

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html

http://marc.info/?l=bugtraq&m=134254866602253&w=2

http://secunia.com/advisories/44954

http://support.avaya.com/css/P8/documents/100114315

http://support.avaya.com/css/P8/documents/100123193

http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html

http://www.redhat.com/support/errata/RHSA-2010-0770.html

http://www.redhat.com/support/errata/RHSA-2010-0987.html

http://www.redhat.com/support/errata/RHSA-2011-0880.html

http://www.securityfocus.com/bid/44024

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12005

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12363

Details

Source: MITRE

Published: 2010-10-19

Updated: 2017-09-19

Type: NVD-CWE-noinfo

Risk Information

CVSS v2.0

Base Score: 2.6

Vector: (AV:N/AC:H/Au:N/C:P/I:N/A:N)

Impact Score: 2.9

Exploitability Score: 4.9

Severity: LOW

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*

cpe:2.3:a:sun:jre:*:update_21:*:*:*:*:*:* versions up to 1.6.0 (inclusive)

cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:*:update_21:*:*:*:*:*:* versions up to 1.6.0 (inclusive)

cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*

Tenable Plugins

View all (16 total)

ID	Name	Product	Family	Severity
89681	VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0013) (remote check)	Nessus	Misc.	critical
75540	openSUSE Security Update : java-1_6_0-sun (openSUSE-SU-2010:0754-1)	Nessus	SuSE Local Security Checks	critical
64843	Oracle Java SE Multiple Vulnerabilities (October 2010 CPU) (Unix)	Nessus	Misc.	critical
63983	RHEL 5 : IBM Java Runtime (RHSA-2011:0880)	Nessus	Red Hat Local Security Checks	critical
60869	Scientific Linux Security Update : java (jdk 1.6.0) on SL4.x, SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	critical
56724	GLSA-201111-02 : Oracle JRE/JDK: Multiple vulnerabilities (BEAST)	Nessus	Gentoo Local Security Checks	critical
56665	VMSA-2011-0013 : VMware third-party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX	Nessus	VMware ESX Local Security Checks	critical
51751	SuSE 10 Security Update : Sun Java 1.6.0 (ZYPP Patch Number 7204)	Nessus	SuSE Local Security Checks	critical
51750	SuSE 10 Security Update : IBM Java 6 SR9 (ZYPP Patch Number 7312)	Nessus	SuSE Local Security Checks	critical
51667	SuSE 11.1 Security Update : IBM Java 6 (SAT Patch Number 3724)	Nessus	SuSE Local Security Checks	critical
51197	RHEL 4 / 5 / 6 : java-1.6.0-ibm (RHSA-2010:0987)	Nessus	Red Hat Local Security Checks	critical
50919	SuSE 11 / 11.1 Security Update : Java 1.6.0 (SAT Patch Numbers 3347 / 3349)	Nessus	SuSE Local Security Checks	critical
50299	openSUSE Security Update : java-1_6_0-sun (openSUSE-SU-2010:0754-1)	Nessus	SuSE Local Security Checks	critical
50298	openSUSE Security Update : java-1_6_0-sun (openSUSE-SU-2010:0754-1)	Nessus	SuSE Local Security Checks	critical
49996	Oracle Java SE Multiple Vulnerabilities (October 2010 CPU)	Nessus	Windows	critical
49990	RHEL 4 / 5 : java-1.6.0-sun (RHSA-2010:0770)	Nessus	Red Hat Local Security Checks	critical