Oracle Java SE and Java for Business CVE-2010-0094 Remote Java Runtime Environment Vulnerability

Description

Oracle Java SE and Java for Business are prone to a remote vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. An attacker does not require privileges to exploit this vulnerability. This vulnerability affects the following supported versions: 6 Update 18, 5.0 Update 23

Technologies Affected

• Apple Mac OS X 10.5
• Apple Mac OS X 10.5.1
• Apple Mac OS X 10.5.2
• Apple Mac OS X 10.5.3
• Apple Mac OS X 10.5.4
• Apple Mac OS X 10.5.5
• Apple Mac OS X 10.5.6
• Apple Mac OS X 10.5.7
• Apple Mac OS X 10.5.8
• Apple Mac OS X 10.6
• Apple Mac OS X 10.6.1
• Apple Mac OS X 10.6.2
• Apple Mac OS X 10.6.3
• Apple Mac OS X Server 10.5
• Apple Mac OS X Server 10.5.1
• Apple Mac OS X Server 10.5.2
• Apple Mac OS X Server 10.5.3
• Apple Mac OS X Server 10.5.4
• Apple Mac OS X Server 10.5.5
• Apple Mac OS X Server 10.5.6
• Apple Mac OS X Server 10.5.7
• Apple Mac OS X Server 10.5.8
• Apple Mac OS X Server 10.6
• Apple Mac OS X Server 10.6.1
• Apple Mac OS X Server 10.6.2
• Apple Mac OS X Server 10.6.3
• Avaya Aura System Platform 1.0
• Avaya Proactive Contact 3.0
• Avaya Proactive Contact 3.0.2
• Avaya Proactive Contact 3.0.3
• Fedoraproject Fedora 11
• Fedoraproject Fedora 12
• Fedoraproject Fedora 13
• Gentoo Linux
• HP HP-UX B.11.11
• HP HP-UX B.11.23
• HP HP-UX B.11.31
• HP Systems Insight Manager 5.0
• HP Systems Insight Manager 5.0 SP1
• HP Systems Insight Manager 5.0 SP2
• HP Systems Insight Manager 5.0 SP3
• HP Systems Insight Manager 5.0 SP5
• HP Systems Insight Manager 5.0 SP6
• HP Systems Insight Manager 5.1 SP1
• HP Systems Insight Manager 5.2 SP2
• HP Systems Insight Manager 5.3
• HP Systems Insight Manager 5.3 Update 1
• HP Systems Insight Manager 6.0.0.96
• HP Systems Insight Manager C 05.00.02
• HP Systems Insight Manager C.05.00.02
• IBM Java SE 5.0 SR10
• IBM Java SE 5.0 SR11
• Mandriva Enterprise Server 5
• Mandriva Enterprise Server 5 X86 64
• Mandriva Linux Mandrake 2009.0
• Mandriva Linux Mandrake 2009.0 X86 64
• Mandriva Linux Mandrake 2009.1
• Mandriva Linux Mandrake 2009.1 X86 64
• Mandriva Linux Mandrake 2010.0
• Mandriva Linux Mandrake 2010.0 X86 64
• Oracle JRockit R27.6.6
• Oracle JRockit R28.0.0
• Pardus Linux 2009
• Redhat Desktop Extras 4
• Redhat Enterprise Linux 5 Server
• Redhat Enterprise Linux AS Extras 4
• Redhat Enterprise Linux Desktop 5 Client
• Redhat Enterprise Linux Desktop Supplementary 5 Client
• Redhat Enterprise Linux ES Extras 4
• Redhat Enterprise Linux Extras 4
• Redhat Enterprise Linux Supplementary 5 Server
• Redhat Enterprise Linux WS Extras 4
• Redhat Network Satellite Server (for RHEL 4) 5.3
• Redhat Network Satellite Server (for RHEL 5) 5.3
• SuSE Novell Linux POS 9
• SuSE Open-Enterprise-Server
• SuSE SUSE Linux Enterprise 11
• SuSE SUSE Linux Enterprise SDK 11
• SuSE SUSE Linux Enterprise SDK 11 SP1
• SuSE SUSE Linux Enterprise Server 10 SP3
• SuSE SUSE Linux Enterprise Server 11
• SuSE SUSE Linux Enterprise Server 11 SP1
• SuSE SUSE Linux Enterprise Server 9
• SuSE Suse Linux Enterprise Desktop 10 SP3
• SuSE openSUSE 11.0
• SuSE openSUSE 11.1
• SuSE openSUSE 11.2
• Sun JDK (Linux Production Release) 1.5.0 07
• Sun JDK (Linux Production Release) 1.5.0 22
• Sun JDK (Linux Production Release) 1.5.0 .0 05
• Sun JDK (Linux Production Release) 1.5.0 0 10
• Sun JDK (Linux Production Release) 1.5.0 01
• Sun JDK (Linux Production Release) 1.5.0 02
• Sun JDK (Linux Production Release) 1.5.0 06
• Sun JDK (Linux Production Release) 1.5.0 07-B03
• Sun JDK (Linux Production Release) 1.5.0 11-B03
• Sun JDK (Linux Production Release) 1.5.0 13
• Sun JDK (Linux Production Release) 1.5.0 14
• Sun JDK (Linux Production Release) 1.5.0 15
• Sun JDK (Linux Production Release) 1.5.0 16
• Sun JDK (Linux Production Release) 1.5.0 17
• Sun JDK (Linux Production Release) 1.5.0 18
• Sun JDK (Linux Production Release) 1.5.0 20
• Sun JDK (Linux Production Release) 1.5.0 23
• Sun JDK (Linux Production Release) 1.5.0
• Sun JDK (Linux Production Release) 1.5.0.0 03
• Sun JDK (Linux Production Release) 1.5.0.0 04
• Sun JDK (Linux Production Release) 1.5.0.0 08
• Sun JDK (Linux Production Release) 1.5.0.0 09
• Sun JDK (Linux Production Release) 1.5.0.0 11
• Sun JDK (Linux Production Release) 1.5.0.0 12
• Sun JDK (Linux Production Release) 1.6.0 17
• Sun JDK (Linux Production Release) 1.6.0 01
• Sun JDK (Linux Production Release) 1.6.0 01-B06
• Sun JDK (Linux Production Release) 1.6.0 02
• Sun JDK (Linux Production Release) 1.6.0 03
• Sun JDK (Linux Production Release) 1.6.0 04
• Sun JDK (Linux Production Release) 1.6.0 05
• Sun JDK (Linux Production Release) 1.6.0 06
• Sun JDK (Linux Production Release) 1.6.0 07
• Sun JDK (Linux Production Release) 1.6.0 10
• Sun JDK (Linux Production Release) 1.6.0 11
• Sun JDK (Linux Production Release) 1.6.0 13
• Sun JDK (Linux Production Release) 1.6.0 14
• Sun JDK (Linux Production Release) 1.6.0 15
• Sun JDK (Linux Production Release) 1.6.0 18
• Sun JDK (Linux Production Release) 1.6.0
• Sun JDK (Solaris Production Release) 1.5.0 22
• Sun JDK (Solaris Production Release) 1.5.0 .0 03
• Sun JDK (Solaris Production Release) 1.5.0 .0 04
• Sun JDK (Solaris Production Release) 1.5.0 .0 05
• Sun JDK (Solaris Production Release) 1.5.0 0 03
• Sun JDK (Solaris Production Release) 1.5.0 0 09
• Sun JDK (Solaris Production Release) 1.5.0 0 10
• Sun JDK (Solaris Production Release) 1.5.0 01
• Sun JDK (Solaris Production Release) 1.5.0 02
• Sun JDK (Solaris Production Release) 1.5.0 06
• Sun JDK (Solaris Production Release) 1.5.0 07-B03
• Sun JDK (Solaris Production Release) 1.5.0 11
• Sun JDK (Solaris Production Release) 1.5.0 11-B03
• Sun JDK (Solaris Production Release) 1.5.0 12
• Sun JDK (Solaris Production Release) 1.5.0 13
• Sun JDK (Solaris Production Release) 1.5.0 14
• Sun JDK (Solaris Production Release) 1.5.0 15
• Sun JDK (Solaris Production Release) 1.5.0 16
• Sun JDK (Solaris Production Release) 1.5.0 17
• Sun JDK (Solaris Production Release) 1.5.0 18
• Sun JDK (Solaris Production Release) 1.5.0 20
• Sun JDK (Solaris Production Release) 1.5.0 23
• Sun JDK (Solaris Production Release) 1.6.0 17
• Sun JDK (Solaris Production Release) 1.6.0 01
• Sun JDK (Solaris Production Release) 1.6.0 01-B06
• Sun JDK (Solaris Production Release) 1.6.0 02
• Sun JDK (Solaris Production Release) 1.6.0 03
• Sun JDK (Solaris Production Release) 1.6.0 04
• Sun JDK (Solaris Production Release) 1.6.0 05
• Sun JDK (Solaris Production Release) 1.6.0 06
• Sun JDK (Solaris Production Release) 1.6.0 07
• Sun JDK (Solaris Production Release) 1.6.0 10
• Sun JDK (Solaris Production Release) 1.6.0 11
• Sun JDK (Solaris Production Release) 1.6.0 13
• Sun JDK (Solaris Production Release) 1.6.0 14
• Sun JDK (Solaris Production Release) 1.6.0 15
• Sun JDK (Solaris Production Release) 1.6.0 18
• Sun JDK (Solaris Production Release) 1.6.0
• Sun JDK (Windows Production Release) 1.5.0 .0 03
• Sun JDK (Windows Production Release) 1.5.0 .0 04
• Sun JDK (Windows Production Release) 1.5.0 .0 05
• Sun JDK (Windows Production Release) 1.5.0 0 10
• Sun JDK (Windows Production Release) 1.5.0 01
• Sun JDK (Windows Production Release) 1.5.0 02
• Sun JDK (Windows Production Release) 1.5.0 07-B03
• Sun JDK (Windows Production Release) 1.5.0 11-B03
• Sun JDK (Windows Production Release) 1.5.0 12
• Sun JDK (Windows Production Release) 1.5.0 13
• Sun JDK (Windows Production Release) 1.5.0 14
• Sun JDK (Windows Production Release) 1.5.0 15
• Sun JDK (Windows Production Release) 1.5.0 16
• Sun JDK (Windows Production Release) 1.5.0 17
• Sun JDK (Windows Production Release) 1.5.0 18
• Sun JDK (Windows Production Release) 1.5.0 20
• Sun JDK (Windows Production Release) 1.5.0 22
• Sun JDK (Windows Production Release) 1.5.0 23
• Sun JDK (Windows Production Release) 1.5.0.0 06
• Sun JDK (Windows Production Release) 1.5.0.0 08
• Sun JDK (Windows Production Release) 1.5.0.0 09
• Sun JDK (Windows Production Release) 1.5.0.0 11
• Sun JDK (Windows Production Release) 1.6.0 17
• Sun JDK (Windows Production Release) 1.6.0 01
• Sun JDK (Windows Production Release) 1.6.0 01-B06
• Sun JDK (Windows Production Release) 1.6.0 02
• Sun JDK (Windows Production Release) 1.6.0 03
• Sun JDK (Windows Production Release) 1.6.0 04
• Sun JDK (Windows Production Release) 1.6.0 05
• Sun JDK (Windows Production Release) 1.6.0 06
• Sun JDK (Windows Production Release) 1.6.0 07
• Sun JDK (Windows Production Release) 1.6.0 10
• Sun JDK (Windows Production Release) 1.6.0 11
• Sun JDK (Windows Production Release) 1.6.0 13
• Sun JDK (Windows Production Release) 1.6.0 14
• Sun JDK (Windows Production Release) 1.6.0 15
• Sun JDK (Windows Production Release) 1.6.0 18
• Sun JDK (Windows Production Release) 1.6.0
• Sun JRE (Linux Production Release) 1.5.0 22
• Sun JRE (Linux Production Release) 1.5.0 .0 Beta
• Sun JRE (Linux Production Release) 1.5.0 01
• Sun JRE (Linux Production Release) 1.5.0 02
• Sun JRE (Linux Production Release) 1.5.0 03
• Sun JRE (Linux Production Release) 1.5.0 04
• Sun JRE (Linux Production Release) 1.5.0 05
• Sun JRE (Linux Production Release) 1.5.0 06
• Sun JRE (Linux Production Release) 1.5.0 07
• Sun JRE (Linux Production Release) 1.5.0 08
• Sun JRE (Linux Production Release) 1.5.0 09
• Sun JRE (Linux Production Release) 1.5.0 10
• Sun JRE (Linux Production Release) 1.5.0 11
• Sun JRE (Linux Production Release) 1.5.0 12
• Sun JRE (Linux Production Release) 1.5.0 13
• Sun JRE (Linux Production Release) 1.5.0 14
• Sun JRE (Linux Production Release) 1.5.0 15
• Sun JRE (Linux Production Release) 1.5.0 16
• Sun JRE (Linux Production Release) 1.5.0 17
• Sun JRE (Linux Production Release) 1.5.0 18
• Sun JRE (Linux Production Release) 1.5.0 20
• Sun JRE (Linux Production Release) 1.5.0 23
• Sun JRE (Linux Production Release) 1.5.0
• Sun JRE (Linux Production Release) 1.6.0 17
• Sun JRE (Linux Production Release) 1.6.0 01
• Sun JRE (Linux Production Release) 1.6.0 02
• Sun JRE (Linux Production Release) 1.6.0 03
• Sun JRE (Linux Production Release) 1.6.0 04
• Sun JRE (Linux Production Release) 1.6.0 05
• Sun JRE (Linux Production Release) 1.6.0 06
• Sun JRE (Linux Production Release) 1.6.0 07
• Sun JRE (Linux Production Release) 1.6.0 10
• Sun JRE (Linux Production Release) 1.6.0 11
• Sun JRE (Linux Production Release) 1.6.0 12
• Sun JRE (Linux Production Release) 1.6.0 13
• Sun JRE (Linux Production Release) 1.6.0 14
• Sun JRE (Linux Production Release) 1.6.0 15
• Sun JRE (Linux Production Release) 1.6.0 18
• Sun JRE (Linux Production Release) 1.6.0
• Sun JRE (Solaris Production Release) 1.5.0 01
• Sun JRE (Solaris Production Release) 1.5.0 22
• Sun JRE (Solaris Production Release) 1.5.0 02
• Sun JRE (Solaris Production Release) 1.5.0 03
• Sun JRE (Solaris Production Release) 1.5.0 04
• Sun JRE (Solaris Production Release) 1.5.0 05
• Sun JRE (Solaris Production Release) 1.5.0 06
• Sun JRE (Solaris Production Release) 1.5.0 10
• Sun JRE (Solaris Production Release) 1.5.0 11
• Sun JRE (Solaris Production Release) 1.5.0 12
• Sun JRE (Solaris Production Release) 1.5.0 13
• Sun JRE (Solaris Production Release) 1.5.0 14
• Sun JRE (Solaris Production Release) 1.5.0 15
• Sun JRE (Solaris Production Release) 1.5.0 16
• Sun JRE (Solaris Production Release) 1.5.0 17
• Sun JRE (Solaris Production Release) 1.5.0 18
• Sun JRE (Solaris Production Release) 1.5.0 20
• Sun JRE (Solaris Production Release) 1.5.0 23
• Sun JRE (Solaris Production Release) 1.5.0
• Sun JRE (Solaris Production Release) 1.5.0.0 07
• Sun JRE (Solaris Production Release) 1.5.0.0 08
• Sun JRE (Solaris Production Release) 1.5.0.0 09
• Sun JRE (Solaris Production Release) 1.6.0 17
• Sun JRE (Solaris Production Release) 1.6.0 01
• Sun JRE (Solaris Production Release) 1.6.0 02
• Sun JRE (Solaris Production Release) 1.6.0 03
• Sun JRE (Solaris Production Release) 1.6.0 04
• Sun JRE (Solaris Production Release) 1.6.0 05
• Sun JRE (Solaris Production Release) 1.6.0 06
• Sun JRE (Solaris Production Release) 1.6.0 07
• Sun JRE (Solaris Production Release) 1.6.0 10
• Sun JRE (Solaris Production Release) 1.6.0 11
• Sun JRE (Solaris Production Release) 1.6.0 12
• Sun JRE (Solaris Production Release) 1.6.0 13
• Sun JRE (Solaris Production Release) 1.6.0 14
• Sun JRE (Solaris Production Release) 1.6.0 15
• Sun JRE (Solaris Production Release) 1.6.0 18
• Sun JRE (Solaris Production Release) 1.6.0 2
• Sun JRE (Solaris Production Release) 1.6.0
• Sun JRE (Windows Production Release) 1.5.0 22
• Sun JRE (Windows Production Release) 1.5.0 01
• Sun JRE (Windows Production Release) 1.5.0 02
• Sun JRE (Windows Production Release) 1.5.0 03
• Sun JRE (Windows Production Release) 1.5.0 04
• Sun JRE (Windows Production Release) 1.5.0 05
• Sun JRE (Windows Production Release) 1.5.0 06
• Sun JRE (Windows Production Release) 1.5.0 10
• Sun JRE (Windows Production Release) 1.5.0 11
• Sun JRE (Windows Production Release) 1.5.0 12
• Sun JRE (Windows Production Release) 1.5.0 13
• Sun JRE (Windows Production Release) 1.5.0 14
• Sun JRE (Windows Production Release) 1.5.0 15
• Sun JRE (Windows Production Release) 1.5.0 16
• Sun JRE (Windows Production Release) 1.5.0 17
• Sun JRE (Windows Production Release) 1.5.0 18
• Sun JRE (Windows Production Release) 1.5.0 20
• Sun JRE (Windows Production Release) 1.5.0 23
• Sun JRE (Windows Production Release) 1.5.0
• Sun JRE (Windows Production Release) 1.5.0.0 07
• Sun JRE (Windows Production Release) 1.5.0.0 08
• Sun JRE (Windows Production Release) 1.5.0.0 09
• Sun JRE (Windows Production Release) 1.6.0 17
• Sun JRE (Windows Production Release) 1.6.0 01
• Sun JRE (Windows Production Release) 1.6.0 02
• Sun JRE (Windows Production Release) 1.6.0 03
• Sun JRE (Windows Production Release) 1.6.0 04
• Sun JRE (Windows Production Release) 1.6.0 05
• Sun JRE (Windows Production Release) 1.6.0 06
• Sun JRE (Windows Production Release) 1.6.0 07
• Sun JRE (Windows Production Release) 1.6.0 10
• Sun JRE (Windows Production Release) 1.6.0 11
• Sun JRE (Windows Production Release) 1.6.0 12
• Sun JRE (Windows Production Release) 1.6.0 13
• Sun JRE (Windows Production Release) 1.6.0 14
• Sun JRE (Windows Production Release) 1.6.0 15
• Sun JRE (Windows Production Release) 1.6.0 18
• Sun JRE (Windows Production Release) 1.6.0 2
• Sun JRE (Windows Production Release) 1.6.0
• Ubuntu Ubuntu Linux 8.04 LTS Amd64
• Ubuntu Ubuntu Linux 8.04 LTS I386
• Ubuntu Ubuntu Linux 8.04 LTS Lpia
• Ubuntu Ubuntu Linux 8.04 LTS Powerpc
• Ubuntu Ubuntu Linux 8.04 LTS Sparc
• Ubuntu Ubuntu Linux 8.10 Amd64
• Ubuntu Ubuntu Linux 8.10 I386
• Ubuntu Ubuntu Linux 8.10 Lpia
• Ubuntu Ubuntu Linux 8.10 Powerpc
• Ubuntu Ubuntu Linux 8.10 Sparc
• Ubuntu Ubuntu Linux 9.04 Amd64
• Ubuntu Ubuntu Linux 9.04 I386
• Ubuntu Ubuntu Linux 9.04 Lpia
• Ubuntu Ubuntu Linux 9.04 Powerpc
• Ubuntu Ubuntu Linux 9.04 Sparc
• Ubuntu Ubuntu Linux 9.10 Amd64
• Ubuntu Ubuntu Linux 9.10 I386
• Ubuntu Ubuntu Linux 9.10 Lpia
• Ubuntu Ubuntu Linux 9.10 Powerpc
• Ubuntu Ubuntu Linux 9.10 Sparc
• VMWare ESX 4.1
• VMWare ESX Server 4.1
• VMWare ESX Server 4.1 ESX410-201011402-SG
• VMWare vCenter 4.1

Recommendations

Block external access at the network boundary, unless external parties require service.
Filter access to the affected computer at the network boundary if global access isn’t needed. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity including unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.

Run all software as a nonprivileged user with minimal access rights.
To limit the impact of latent vulnerabilities, configure applications to run as a nonadministrative user with minimal access rights.

Updates are available. Please see the references for more information.