CVE-2010-3560LOW
Description
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality via unknown vectors.
References
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
http://marc.info/?l=bugtraq&m=134254866602253&w=2
http://secunia.com/advisories/44954
http://support.avaya.com/css/P8/documents/100114315
http://support.avaya.com/css/P8/documents/100123193
http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
http://www.redhat.com/support/errata/RHSA-2010-0770.html
http://www.redhat.com/support/errata/RHSA-2010-0987.html
http://www.redhat.com/support/errata/RHSA-2011-0880.html
http://www.securityfocus.com/bid/44024
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12005
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12363
Details
Source: MITRE
Published: 2010-10-19
Updated: 2017-09-19
Type: NVD-CWE-noinfo
Risk Information
CVSS v2.0
Base Score: 2.6
Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N
Impact Score: 2.9
Exploitability Score: 4.9
Severity: LOW
Vulnerable Software
Configuration 1
OR
cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*
cpe:2.3:a:sun:jre:*:update_21:*:*:*:*:*:* versions up to 1.6.0 (inclusive)
cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*
Configuration 2
OR
cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:*:update_21:*:*:*:*:*:* versions up to 1.6.0 (inclusive)
cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 89681 | VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0013) (remote check) | Nessus | Misc. | critical |
| 75540 | openSUSE Security Update : java-1_6_0-sun (openSUSE-SU-2010:0754-1) | Nessus | SuSE Local Security Checks | critical |
| 64843 | Oracle Java SE Multiple Vulnerabilities (October 2010 CPU) (Unix) | Nessus | Misc. | critical |
| 63983 | RHEL 5 : IBM Java Runtime (RHSA-2011:0880) | Nessus | Red Hat Local Security Checks | critical |
| 60869 | Scientific Linux Security Update : java (jdk 1.6.0) on SL4.x, SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | critical |
| 56724 | GLSA-201111-02 : Oracle JRE/JDK: Multiple vulnerabilities (BEAST) | Nessus | Gentoo Local Security Checks | critical |
| 56665 | VMSA-2011-0013 : VMware third-party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX | Nessus | VMware ESX Local Security Checks | critical |
| 51751 | SuSE 10 Security Update : Sun Java 1.6.0 (ZYPP Patch Number 7204) | Nessus | SuSE Local Security Checks | critical |
| 51750 | SuSE 10 Security Update : IBM Java 6 SR9 (ZYPP Patch Number 7312) | Nessus | SuSE Local Security Checks | critical |
| 51667 | SuSE 11.1 Security Update : IBM Java 6 (SAT Patch Number 3724) | Nessus | SuSE Local Security Checks | critical |
| 51197 | RHEL 4 / 5 / 6 : java-1.6.0-ibm (RHSA-2010:0987) | Nessus | Red Hat Local Security Checks | critical |
| 50919 | SuSE 11 / 11.1 Security Update : Java 1.6.0 (SAT Patch Numbers 3347 / 3349) | Nessus | SuSE Local Security Checks | critical |
| 50299 | openSUSE Security Update : java-1_6_0-sun (openSUSE-SU-2010:0754-1) | Nessus | SuSE Local Security Checks | critical |
| 50298 | openSUSE Security Update : java-1_6_0-sun (openSUSE-SU-2010:0754-1) | Nessus | SuSE Local Security Checks | critical |
| 49996 | Oracle Java SE Multiple Vulnerabilities (October 2010 CPU) | Nessus | Windows | critical |
| 49990 | RHEL 4 / 5 : java-1.6.0-sun (RHSA-2010:0770) | Nessus | Red Hat Local Security Checks | critical |