PT-2010-4915 · Oracle+2 · Java Se+4

Marc Schoenefeld

Published

2010-10-13

Updated

2018-10-30

CVE-2010-3554

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Oracle Java SE and Java for Business versions 6 Update 21, 5.0 Update 25, 1.4.2 27, and 1.3.1 28

Description The issue affects the CORBA component, allowing remote attackers to impact confidentiality, integrity, and availability through unknown vectors. There are claims from a reliable downstream vendor that this might be related to permissions granted to certain system objects.

Recommendations For Oracle Java SE and Java for Business version 6 Update 21, update to a version that fixes this issue. For Oracle Java SE and Java for Business version 5.0 Update 25, update to a version that fixes this issue. For Oracle Java SE and Java for Business version 1.4.2 27, update to a version that fixes this issue. For Oracle Java SE and Java for Business version 1.3.1 28, update to a version that fixes this issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2010-3554

HPSBUX02608

RHSA-2010:0768

RHSA-2010:0770

RHSA-2010:0865

RHSA-2010_0768

RHSA-2010_0865

Affected Products

Hp-Ux

Java Platform

Java Se

Java For Business

Red Hat

PT-2010-4915 · Oracle+2 · Java Se+4

CVE-2010-3554

Related Identifiers

Affected Products

References · 115