Lucene search

K
cve[email protected]CVE-2010-4472
HistoryFeb 17, 2011 - 7:00 p.m.

CVE-2010-4472

2011-02-1719:00:00
NVD-CWE-noinfo
web.nvd.nist.gov
49
cve-2010-4472
oracle
java
jre
vulnerability
availability
remote attackers
xml digital signature
apis
nvd

8.4 High

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

0.027 Low

EPSS

Percentile

90.3%

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability, related to XML Digital Signature and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves the replacement of the “XML DSig Transform or C14N algorithm implementations.”

CPENameOperatorVersion
sun:jresun jreeq1.6.0
sun:jdksun jdkeq1.6.0

References

8.4 High

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

0.027 Low

EPSS

Percentile

90.3%