Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2010-1423

🗓️ 15 Apr 2010 21:12:00Reported by mitreType 
cve
 cve🔗 web.nvd.nist.gov👁 324 Views🌐 WEB

CVE-2010-1423 Argument injection vulnerability in Java NPAPI plugin and Deployment Toolkit allows remote attackers to execute arbitrary code via -J or -XXaltjvm argument to javaws.exe

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
Chainguard		CVE-2010-1423 vulnerabilities
15 Apr 201021:30
cgr
Circl		CVE-2010-1423
9 Apr 201000:00
circl
Check Point Advisories		Oracle Java Web Start Launch Command-Line Injection (CVE-2010-0886; CVE-2010-0887; CVE-2010-1423)
26 May 201000:00
checkpoint_advisories
Cvelist		CVE-2010-1423
15 Apr 201021:12
cvelist
Metasploit		Sun Java Web Start Plugin Command Line Argument Injection
16 Apr 201008:08
metasploit
NVD		CVE-2010-1423
15 Apr 201021:30
nvd
OpenVAS		Sun Java Deployment Toolkit Multiple Vulnerabilities - Windows
23 Apr 201000:00
openvas
OpenVAS		Sun Java JRE Multiple Vulnerabilities - Linux
23 Apr 201000:00
openvas
OpenVAS		Sun Java Deployment Toolkit Multiple Vulnerabilities (Windows)
23 Apr 201000:00
openvas
Tenable Nessus		Oracle Java JDK / JRE 6 < Update 20 Multiple Vulnerabilities
15 Apr 201000:00
nessus
Rows per page
NVD
Node
oraclejdkRange1.6.0update19
OR
oraclejdkMatch1.6.0update10
OR
oraclejreRange1.6.0update19
OR
oraclejreMatch1.6.0update_10
ParameterPositionPathDescriptionCWE
jnlppath/Injection of arbitrary Java runtime options via the JNLP payload used by Sun Java Web Start, enabling remote code execution through -J and -XXaltjvm arguments.CWE-78
launchjnlppath/Injection of arbitrary Java runtime options via the JNLP payload used by Sun Java Web Start, enabling remote code execution through -J and -XXaltjvm arguments.CWE-78
docbasepath/Injection of arbitrary Java runtime options via the JNLP payload used by Sun Java Web Start, enabling remote code execution through -J and -XXaltjvm arguments.CWE-78

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
29 Apr 2026 01:13Current
8High risk
Vulners AI Score8
CVSS 29.3
EPSS0.68947
CWE-78
cve-2010-1423javanpapideployment toolkitargument injectionvulnerabilityremote code execution
324