CVE-2010-4471

Name of the Vulnerable Software and Affected Versions Java Runtime Environment (JRE) versions 6 Update 23 and earlier Java Runtime Environment (JRE) versions 5.0 Update 27 and earlier

Description The issue allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to 2D. It is also claimed by a downstream vendor that this issue may be related to the exposure of system properties via vectors related to Font.createFont and exception text.

Recommendations For Java Runtime Environment (JRE) versions 6 Update 23 and earlier, update to a version later than Update 23. For Java Runtime Environment (JRE) versions 5.0 Update 27 and earlier, update to a version later than Update 27. As a temporary workaround, consider restricting the use of Java Web Start applications and Java applets from untrusted sources until a patch is available.