PT-2010-1172 · Oracle+2 · Java Se+3

Publicado

2010-04-01

Atualizado

2025-03-13

CVE-2010-0840

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Java SE versions 6 Update 18, 5.0 Update 23, and 1.4.2 25

Description The issue allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. It is claimed by a reliable researcher to be related to improper checks when executing privileged methods in the Java Runtime Environment, which could allow attackers to execute arbitrary code via an untrusted object that extends the trusted class or a similar trust issue with interfaces.

Recommendations For Java SE versions 6 Update 18, 5.0 Update 23, and 1.4.2 25, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

BDU:2022-03394

CVE-2010-0840

HPSBUX02524

RHSA-2010:0337

RHSA-2010:0338

RHSA-2010:0339

RHSA-2010:0383

RHSA-2010:0471

RHSA-2010:0489

RHSA-2010:0574

RHSA-2010:0586

RHSA-2010_0339

ZDI-10-056

Produtos afetados

Hp-Ux

Java Platform

Java Se

Red Hat

PT-2010-1172 · Oracle+2 · Java Se+3

CVE-2010-0840

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 72