Language:
https://access.redhat.com/security/cve/cve-2009-3555
https://access.redhat.com/security/cve/cve-2010-0084
https://access.redhat.com/security/cve/cve-2010-0085
https://access.redhat.com/security/cve/cve-2010-0087
https://access.redhat.com/security/cve/cve-2010-0088
https://access.redhat.com/security/cve/cve-2010-0089
https://access.redhat.com/security/cve/cve-2010-0091
https://access.redhat.com/security/cve/cve-2010-0092
https://access.redhat.com/security/cve/cve-2010-0094
https://access.redhat.com/security/cve/cve-2010-0095
https://access.redhat.com/security/cve/cve-2010-0837
https://access.redhat.com/security/cve/cve-2010-0838
https://access.redhat.com/security/cve/cve-2010-0839
Severity: High
ID: 44974
File Name: redhat-RHSA-2010-0130.nasl
Version: 1.32
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 3/4/2010
Updated: 1/14/2021
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Factor: Critical
Score: 9.1
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE: cpe:/o:redhat:enterprise_linux:5, p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-accessibility, p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-jdbc, p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-plugin, cpe:/o:redhat:enterprise_linux:5.4, cpe:/o:redhat:enterprise_linux:4, p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-demo, p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-javacomm, p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-src, p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm, p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-devel, cpe:/o:redhat:enterprise_linux:4.8
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 3/3/2010
Vulnerability Publication Date: 11/9/2009
CANVAS (CANVAS)
Core Impact
Metasploit (Java RMIConnectionImpl Deserialization Privilege Escalation)
CVE: CVE-2009-3555, CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0091, CVE-2010-0092, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0839
BID: 36935