CVE-2010-4468

critical

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and integrity via unknown vectors related to JDBC.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13552

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12848

https://exchange.xforce.ibmcloud.com/vulnerabilities/65409

http://www.securityfocus.com/bid/46393

http://www.redhat.com/support/errata/RHSA-2011-0880.html

http://www.redhat.com/support/errata/RHSA-2011-0282.html

http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html

http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html

http://secunia.com/advisories/44954

http://marc.info/?l=bugtraq&m=134254957702612&w=2

http://marc.info/?l=bugtraq&m=134254866602253&w=2

Details

Source: Mitre, NVD

Published: 2011-02-17

Updated: 2017-12-22

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical