CVE-2010-4469

Name of the Vulnerable Software and Affected Versions Java Runtime Environment (JRE) versions 6 Update 23 and earlier Java Runtime Environment (JRE) versions 5.0 Update 27 and earlier Java Runtime Environment (JRE) versions 1.4.2 29 and earlier

Description The issue affects confidentiality, integrity, and availability via unknown vectors related to HotSpot. It allows remote untrusted Java Web Start applications and untrusted Java applets to exploit the vulnerability. There are claims from a downstream vendor that this issue is related to heap corruption, specifically involving the Verifier and "backward jsrs", although Oracle has not commented on these claims.

Recommendations For Java Runtime Environment (JRE) versions 6 Update 23 and earlier, update to a version later than Update 23. For Java Runtime Environment (JRE) versions 5.0 Update 27 and earlier, update to a version later than Update 27. For Java Runtime Environment (JRE) versions 1.4.2 29 and earlier, update to a version later than 1.4.2 29.