PT-2010-4924 · Oracle+2 · Java For Business+4

Matthias Kaiser (+1)

Published: 2010-10-12 · Updated: 2017-09-19 · CVE-2010-3563

CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Oracle Java SE and Java for Business 6 Update 21

Description: The issue affects the confidentiality, integrity, and availability of the system and allows remote attackers to exploit it via unknown vectors. It is reportedly related to how Java Web Start retrieves security policies, involving BasicServiceImpl and potentially forged policies that bypass sandbox restrictions.

Recommendations: For Oracle Java SE and Java for Business 6 Update 21, consider disabling BasicServiceImpl until a patch is available, to prevent potential remote code execution. Restrict access to Web Start to minimize the risk of exploitation. Avoid using forged policies that could bypass sandbox restrictions until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.


Related Identifiers

CVE-2010-3563
HPSBUX02608
RHSA-2010:0770
RHSA-2010:0987
RHSA-2011:0880
ZDI-10-202

Affected Products

Hp-Ux
Java Platform
Java For Business
Oracle Java Se
Red Hat