Lucene search

[email protected]CVE-2010-3548

HistoryOct 19, 2010 - 10:00 p.m.

CVE-2010-3548

2010-10-1922:00:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

oracle

java

jndi

vulnerability

cve-2010-3548

security

nvd

8.1 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.007 Low

EPSS

Percentile

80.2%

JSON

Unspecified vulnerability in the Java Naming and Directory Interface (JNDI) component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to determine internal IP addresses or “otherwise-protected internal network names.”

CPENameOperatorVersion
sun:jresun jreeq1.6.0
sun:jdksun jdkeq1.6.0
sun:jdksun jdkeq1.5.0
sun:sdksun sdkle1.4.2_27
sun:sdksun sdkeq1.4.2_19
sun:sdksun sdkeq1.4.2
sun:sdksun sdkeq1.4.2_26
sun:sdksun sdkeq1.4.2_10
sun:sdksun sdkeq1.4.2_12
sun:sdksun sdkeq1.4.2_17

CPE	Name	Operator	Version
sun:jre	sun jre	eq	1.6.0
sun:jdk	sun jdk	eq	1.6.0
sun:jdk	sun jdk	eq	1.5.0
sun:sdk	sun sdk	le	1.4.2_27
sun:sdk	sun sdk	eq	1.4.2_19
sun:sdk	sun sdk	eq	1.4.2
sun:sdk	sun sdk	eq	1.4.2_26
sun:sdk	sun sdk	eq	1.4.2_10
sun:sdk	sun sdk	eq	1.4.2_12
sun:sdk	sun sdk	eq	1.4.2_17

Rows per page:

1-10 of 601

References

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748

lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html

lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html

lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html

lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html

lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html

marc.info/?l=bugtraq&m=134254866602253&w=2

secunia.com/advisories/41967

secunia.com/advisories/41972

secunia.com/advisories/42377

secunia.com/advisories/42974

secunia.com/advisories/44954

security.gentoo.org/glsa/glsa-201406-32.xml

support.avaya.com/css/P8/documents/100114315

support.avaya.com/css/P8/documents/100114327

support.avaya.com/css/P8/documents/100123193

www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html

www.oracle.com/technetwork/topics/security/cpujan2011-194091.html

www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html

www.redhat.com/support/errata/RHSA-2010-0768.html

www.redhat.com/support/errata/RHSA-2010-0770.html

www.redhat.com/support/errata/RHSA-2010-0786.html

www.redhat.com/support/errata/RHSA-2010-0807.html

www.redhat.com/support/errata/RHSA-2010-0865.html

www.redhat.com/support/errata/RHSA-2010-0873.html

www.redhat.com/support/errata/RHSA-2010-0986.html

www.redhat.com/support/errata/RHSA-2010-0987.html

www.redhat.com/support/errata/RHSA-2011-0880.html

www.securityfocus.com/archive/1/516397/100/0/threaded

www.securityfocus.com/bid/44017

www.ubuntu.com/usn/USN-1010-1

www.vmware.com/security/advisories/VMSA-2011-0003.html

www.vupen.com/english/advisories/2010/2745

www.vupen.com/english/advisories/2010/3086

bugzilla.redhat.com/show_bug.cgi?id=639909

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12426

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14475

8.1 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.007 Low

EPSS

Percentile

80.2%

JSON

Related for CVE-2010-3548

cvelist1 veracode1 ubuntucve1 prion1 suse2 nessus40 redhat9 openvas22 fedora3 oraclelinux1 centos1 ubuntu1 cisco1 vmware2 gentoo2 oracle1