Lucene search

K
ubuntucveUbuntu.comUB:CVE-2010-0843
HistoryApr 01, 2010 - 12:00 a.m.

CVE-2010-0843

2010-04-0100:00:00
ubuntu.com
ubuntu.com
12

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.193

Percentile

96.4%

Unspecified vulnerability in the Sound component in Oracle Java SE and Java
for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows
remote attackers to affect confidentiality, integrity, and availability via
unknown vectors. NOTE: the previous information was obtained from the
March 2010 CPU. Oracle has not commented on claims from a reliable
researcher that this is related to XNewPtr and improper handling of an
integer parameter when allocating heap memory in the com.sun.media.sound
libraries, which allows remote attackers to execute arbitrary code.

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchsun-java6< 6.20dlj-0ubuntu1.8.04UNKNOWN
ubuntu9.04noarchsun-java6< 6.20dlj-0ubuntu1.9.04UNKNOWN
ubuntu9.10noarchsun-java6< 6.20dlj-0ubuntu1.9.10UNKNOWN

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.193

Percentile

96.4%