Lucene search

K

PRIOn knowledge basePRION:CVE-2010-3571

HistoryOct 19, 2010 - 10:00 p.m.

Integer overflow

2010-10-1922:00:00

PRIOn knowledge base

www.prio-n.com

6

7.6 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.137 Low

EPSS

Percentile

95.7%

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the color profile parser that allows remote attackers to execute arbitrary code via a crafted Tag structure in a color profile.

CPENameOperatorVersion
jdkeq1.6.0 update-4
jdkeq1.6.0 update-7
jdkeq1.6.0 update-19
jdkeq1.6.0 update-13
jdkeq1.6.0 update-3
jdkeq1.6.0 update-11
jdkeq1.6.0 update-10
jdkle1.6.0
jdkeq1.6.0 update-14
jdkeq1.6.0

Rows per page:

1-10 of 2571

References

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748

lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html

lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html

secunia.com/advisories/42377

secunia.com/advisories/42974

secunia.com/advisories/43005

secunia.com/advisories/44954

support.avaya.com/css/P8/documents/100114315

support.avaya.com/css/P8/documents/100123193

www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html

www.oracle.com/technetwork/topics/security/cpujan2011-194091.html

www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html

www.redhat.com/support/errata/RHSA-2010-0770.html

www.redhat.com/support/errata/RHSA-2010-0786.html

www.redhat.com/support/errata/RHSA-2010-0986.html

www.redhat.com/support/errata/RHSA-2010-0987.html

www.redhat.com/support/errata/RHSA-2011-0169.html

www.redhat.com/support/errata/RHSA-2011-0880.html

www.securityfocus.com/archive/1/516397/100/0/threaded

www.securityfocus.com/bid/43965

www.vmware.com/security/advisories/VMSA-2011-0003.html

www.vupen.com/english/advisories/2010/2745

www.vupen.com/english/advisories/2010/3086

www.vupen.com/english/advisories/2011/0183

www.zerodayinitiative.com/advisories/ZDI-10-203/

marc.info/?l=bugtraq&m=134254866602253&w=2

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12177

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12285

7.6 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.137 Low

EPSS

Percentile

95.7%

Related for PRION:CVE-2010-3571

cve1 ubuntucve1 zdi1 veracode1 nvd1 cvelist1 redhat6 nessus26 suse3 openvas10 cisco1 vmware2 gentoo1 oracle1