Ubuntu.comUB:CVE-2010-0094CVE-2010-0094
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.937 High
EPSS
Percentile
99.1%
Unspecified vulnerability in the Java Runtime Environment component in
Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows
remote attackers to affect confidentiality, integrity, and availability via
unknown vectors. NOTE: the previous information was obtained from the
March 2010 CPU. Oracle has not commented on claims from a reliable
researcher that this is due to missing privilege checks during
deserialization of RMIConnectionImpl objects, which allows remote attackers
to call system-level Java functions via the ClassLoader of a constructor
that is being deserialized.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 8.04 | noarch | openjdk-6 | < 6b11-2ubuntu2.2 | UNKNOWN |
| ubuntu | 8.10 | noarch | openjdk-6 | < 6b12-0ubuntu6.7 | UNKNOWN |
| ubuntu | 9.04 | noarch | openjdk-6 | < 6b14-1.4.1-0ubuntu13 | UNKNOWN |
| ubuntu | 9.10 | noarch | openjdk-6 | < 6b16-1.6.1-3ubuntu3 | UNKNOWN |
| ubuntu | 8.04 | noarch | sun-java6 | < 6.20dlj-0ubuntu1.8.04 | UNKNOWN |
| ubuntu | 9.04 | noarch | sun-java6 | < 6.20dlj-0ubuntu1.9.04 | UNKNOWN |
| ubuntu | 9.10 | noarch | sun-java6 | < 6.20dlj-0ubuntu1.9.10 | UNKNOWN |
Related
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.937 High
EPSS
Percentile
99.1%