Lucene search

OracleCVE-2010-3555

HistoryOct 19, 2010 - 10:00 p.m.

CVE-2010-3555

2010-10-1922:00:03

oracle

web.nvd.nist.gov

cve-2010-3555

oracle

java

vulnerability

confidentiality

integrity

availability

remote attackers

activex plugin

arbitrary code

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

0.204

Percentile

96.4%

JSON

Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that the ActiveX Plugin does not properly initialize an object field that is used as a window handle, which allows attackers to execute arbitrary code.

Affected configurations

Nvd

Node

sunjreRange≤1.6.0update_21

sunjreMatch1.6.0

sunjreMatch1.6.0update_1

sunjreMatch1.6.0update_10

sunjreMatch1.6.0update_11

sunjreMatch1.6.0update_12

sunjreMatch1.6.0update_13

sunjreMatch1.6.0update_14

sunjreMatch1.6.0update_15

sunjreMatch1.6.0update_16

sunjreMatch1.6.0update_17

sunjreMatch1.6.0update_18

sunjreMatch1.6.0update_19

sunjreMatch1.6.0update_2

sunjreMatch1.6.0update_20

sunjreMatch1.6.0update_3

sunjreMatch1.6.0update_4

sunjreMatch1.6.0update_5

sunjreMatch1.6.0update_6

sunjreMatch1.6.0update_7

Node

sunjdkRange≤1.6.0update_21

sunjdkMatch1.6.0

sunjdkMatch1.6.0update_10

sunjdkMatch1.6.0update_11

sunjdkMatch1.6.0update_12

sunjdkMatch1.6.0update_13

sunjdkMatch1.6.0update_14

sunjdkMatch1.6.0update_15

sunjdkMatch1.6.0update_16

sunjdkMatch1.6.0update_17

sunjdkMatch1.6.0update_18

sunjdkMatch1.6.0update_19

sunjdkMatch1.6.0update_20

sunjdkMatch1.6.0update_3

sunjdkMatch1.6.0update_4

sunjdkMatch1.6.0update_5

sunjdkMatch1.6.0update_6

sunjdkMatch1.6.0update_7

sunjdkMatch1.6.0update1

sunjdkMatch1.6.0update1_b06

sunjdkMatch1.6.0update2

VendorProductVersionCPE
sunjre*cpe:2.3:a:sun:jre:*:update_21:*:*:*:*:*:*
sunjre1.6.0cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*
sunjre1.6.0cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*
sunjre1.6.0cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*
sunjre1.6.0cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*
sunjre1.6.0cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*
sunjre1.6.0cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*
sunjre1.6.0cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*
sunjre1.6.0cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*
sunjre1.6.0cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*

Vendor	Product	Version	CPE
sun	jre	*	cpe:2.3:a:sun:jre::update_21::::::*
sun	jre	1.6.0	cpe:2.3:a:sun:jre:1.6.0:::::::*
sun	jre	1.6.0	cpe:2.3:a:sun:jre:1.6.0:update_1::::::
sun	jre	1.6.0	cpe:2.3:a:sun:jre:1.6.0:update_10::::::
sun	jre	1.6.0	cpe:2.3:a:sun:jre:1.6.0:update_11::::::
sun	jre	1.6.0	cpe:2.3:a:sun:jre:1.6.0:update_12::::::
sun	jre	1.6.0	cpe:2.3:a:sun:jre:1.6.0:update_13::::::
sun	jre	1.6.0	cpe:2.3:a:sun:jre:1.6.0:update_14::::::
sun	jre	1.6.0	cpe:2.3:a:sun:jre:1.6.0:update_15::::::
sun	jre	1.6.0	cpe:2.3:a:sun:jre:1.6.0:update_16::::::