CVE-2010-3564

2010-10-1400:00:00

ubuntu.com

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.011 Low

EPSS

Percentile

84.5%

JSON

Unspecified vulnerability in the Oracle Communications Messaging Server
(Sun Java System Messaging Server) component in Oracle Sun Products Suite
7.0 allows remote attackers to affect confidentiality and integrity via
unknown vectors related to Webmail. NOTE: the previous information was
obtained from the October 2010 CPU. Oracle has not commented on claims
from a reliable downstream vendor that the Kerberos implementation does not
properly check AP-REQ requests, which allows attackers to cause a denial of
service in the JVM. NOTE: CVE has not investigated the apparent
discrepancy between the two vendors regarding the consequences of this
issue.

Notes

Author	Note
sbeattie	red hat description: The Kerberos implementation improperly checked the sanity of AP-REQ requests, which could cause a denial of service condition in the receiving Java Virtual Machine.

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchopenjdk-6< 1.8.2-4ubuntu1~8.04.1UNKNOWN
ubuntu9.04noarchopenjdk-6< 1.8.2-4ubuntu1~9.04.1UNKNOWN
ubuntu9.10noarchopenjdk-6< 1.8.2-4ubuntu1~9.10.1UNKNOWN
ubuntu10.04noarchopenjdk-6< 1.8.2-4ubuntu2UNKNOWN
ubuntu10.10noarchopenjdk-6< 6b20-1.9.1-1ubuntu3UNKNOWN
ubuntu10.10noarchopenjdk-6b18< 6b18-1.8.2-4ubuntu1UNKNOWN
ubuntu8.04noarchsun-java6< 6.22-0ubuntu1~8.04.1UNKNOWN
ubuntu9.04noarchsun-java6< 6.22-0ubuntu1~9.04.1UNKNOWN
ubuntu9.10noarchsun-java6< 6.22-0ubuntu1~9.10.1UNKNOWN
ubuntu10.04noarchsun-java6< 6.22-0ubuntu1~10.04UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	8.04	noarch	openjdk-6	< 1.8.2-4ubuntu1~8.04.1	UNKNOWN
ubuntu	9.04	noarch	openjdk-6	< 1.8.2-4ubuntu1~9.04.1	UNKNOWN
ubuntu	9.10	noarch	openjdk-6	< 1.8.2-4ubuntu1~9.10.1	UNKNOWN
ubuntu	10.04	noarch	openjdk-6	< 1.8.2-4ubuntu2	UNKNOWN
ubuntu	10.10	noarch	openjdk-6	< 6b20-1.9.1-1ubuntu3	UNKNOWN
ubuntu	10.10	noarch	openjdk-6b18	< 6b18-1.8.2-4ubuntu1	UNKNOWN
ubuntu	8.04	noarch	sun-java6	< 6.22-0ubuntu1~8.04.1	UNKNOWN
ubuntu	9.04	noarch	sun-java6	< 6.22-0ubuntu1~9.04.1	UNKNOWN
ubuntu	9.10	noarch	sun-java6	< 6.22-0ubuntu1~9.10.1	UNKNOWN
ubuntu	10.04	noarch	sun-java6	< 6.22-0ubuntu1~10.04	UNKNOWN