QwikSec

Security Database

CVE

CWE

Training

CVE-2010-0094

Published: Apr 1, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is due to missing privilege checks during deserialization of RMIConnectionImpl objects, which allows remote attackers to call system-level Java functions via the ClassLoader of a constructor that is being deserialized.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

APPLE-SA-2010-05-18-1

vendor-advisory

x_refsource_APPLE

vendor-advisory

x_refsource_HP

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_REDHAT

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_VUPEN

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_VUPEN

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_VUPEN

APPLE-SA-2010-05-18-2

vendor-advisory

x_refsource_APPLE

SUSE-SR:2010:011

vendor-advisory

x_refsource_SUSE

third-party-advisory

x_refsource_SECUNIA

http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html

x_refsource_CONFIRM

vendor-advisory

x_refsource_HP

vendor-advisory

x_refsource_HP

http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_HP

third-party-advisory

x_refsource_SECUNIA

http://www.zerodayinitiative.com/advisories/ZDI-10-051

x_refsource_MISC

http://support.apple.com/kb/HT4170

x_refsource_CONFIRM

http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html

x_refsource_CONFIRM

SUSE-SR:2010:008

vendor-advisory

x_refsource_SUSE

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_UBUNTU

http://www.vmware.com/security/advisories/VMSA-2011-0003.html

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

20100405 ZDI-10-051: Sun Java Runtime RMIConnectionImpl Privileged Context Remote Code Execution Vulnerability

mailing-list

x_refsource_BUGTRAQ

oval:org.mitre.oval:def:14351

vdb-entry

signature

x_refsource_OVAL

vendor-advisory

x_refsource_HP

http://support.apple.com/kb/HT4171

x_refsource_CONFIRM

vendor-advisory

x_refsource_MANDRIVA

20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_VUPEN

oval:org.mitre.oval:def:10851

vdb-entry

signature

x_refsource_OVAL

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.