CVE-2010-4473

CVE-2010-4473 is an unspecified vulnerability in Oracle Java SE/Java for Business prior to certain updates (6u23, 5.0u27, 1.4.2u29) that affects confidentiality, integrity and availability via unknown vectors related to Sound and unspecified APIs. It is distinguished from CVE-2010-4454 and CVE-20...

CVE-2010-4474

CVE-2010-4474 is reported as an unspecified vulnerability in the Java DB component of Oracle Java SE and Java for Business 6 Update 23 and earlier, with confidentiality impact via unknown vectors. Connected documents provide limited concrete detail for this CVE; one openSUSE patch entry lists CVE...

CVE-2010-4475

CVE-2010-4475 concerns a vulnerability in Oracle Java SE/Java for Business where the Java Runtime Environment allows remote untrusted Java Web Start applications and untrusted applets to affect confidentiality via unknown vectors in Deployment. Affected products/versions: JRE 6u23 and earlier, 5....

CVE-2010-4467

CVE-2010-4467 is documented as a vulnerability in Oracle Java SE/JRE 6 Update 10 through 6 Update 23 that could allow remote untrusted Java Web Start applications and untrusted applets to affect confidentiality, integrity, and availability via deployment-related vectors. Connected advisories show...

OpenJDK JAXP untrusted component state manipulation (6927050)

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the previous information was obtained from the Februar...

JDK unspecified vulnerability in Sound component

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...

OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004)

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU...

OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004)

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the...

CVE-2010-3571

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October...

CVE-2010-3560

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU...

CVE-2010-3557

Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...

CVE-2010-3552

Technical details for CVE-2010-3552 are not provided in the connected documents. The initial description remains high-level. Monitor Oracle Java CPU advisories and vendor advisories for affected versions, impact, and remediation information.

CVE-2010-3553

Technical details for CVE-2010-3553 are not publicly available in the provided connected documents. Please monitor for updated advisories that disclose affected products, vulnerabilities, remediation, or exploitation information.

CVE-2010-3556

CVE-2010-3556 affects Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28. The vulnerability is in the 2D component and is described as unspecified with unknown attack vectors; it is stated to impact confidentiality, integrity, and availability. No concrete exp...

CVE-2010-3557

The CVE-2010-3557 entry concerns a Swing component vulnerability in Oracle Java SE/Java for Business. Affected products/versions are Oracle Java SE 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28. Root cause and concrete vectors are not publicly detailed in the provided documents; however, the...

CVE-2010-3560

CVE-2010-3560 affects Oracle Java SE/Java for Business 6 Update 21, with a Networking component issue potentially leading to partial confidentiality disclosure. The connected advisories (RHSA-2010/2011 series) reference this CVE among multiple Java kernel/networking flaws, but explicit patch/vers...

CVE-2010-3562

CVE-2010-3562 is tied to OpenJDK/IcedTea's IndexColorModel double-free bug. US/EU advisories (e.g., openSUSE SUSE-11_3_JAVA-1_6_0-SUN-101019, Gentoo GLSA 201406-32) enumerate CVE-2010-3562 among the openJDK issues, but the connected documents provide only high‑level notes: a double-free in IndexC...

CVE-2010-3563

CVE-2010-3563 is a remote‑execution vulnerability in the Oracle Java SE/Java for Business Deployment component (as reported in the Oct 2010 CPU). The description and connected notes indicate an issue in how Web Start retrieves security policies, potentially allowing a remote attacker to bypass sa...

CVE-2010-3565

CVE-2010-3565 is associated with OpenJDK/J2SE JPEG image handling (JPEGImageWriter.writeImage) and is described as enabling remote code execution via memory handling with large values in a JPEG subsample. Connected advisories explicitly reference OpenJDK/JDK contexts and list the issue among mult...