Vulnerabilities > CVE-2010-3550 - Remote Java Web Start vulnerability in SUN JDK and JRE

Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_2_JAVA-1_6_0-SUN-101019.NASL
    Sun Java 1.6.0 was updated to Security Update U22. Following CVEs are tracked by the update: CVE-2010-3556 CVE-2010-3562 CVE-2010-3565 CVE-2010-3566 CVE-2010-3567 CVE-2010-3571 CVE-2010-3554 CVE-2010-3563 CVE-2010-3568 CVE-2010-3569 CVE-2010-3558 CVE-2010-3552 CVE-2010-3559 CVE-2010-3572 CVE-2010-3553 CVE-2010-3555 CVE-2010-3550 CVE-2010-3570 CVE-2010-3561 CVE-2009-3555 CVE-2010-1321 CVE-2010-3549 CVE-2010-3557 CVE-2010-3541 CVE-2010-3573 CVE-2010-3574 CVE-2010-3548 CVE-2010-3551 CVE-2010-3560
    last seen2020-06-01
    plugin id50299
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    titleopenSUSE Security Update : java-1_6_0-sun (openSUSE-SU-2010:0754-1)
    "Sun Java 1.6.0 was updated to Security Update U22.
    The release notes for this release are on:
    Security advisory page for this update:
    Following CVEs are tracked by the update: CVE-2010-3556 CVE-2010-3562
    CVE-2010-3565 CVE-2010-3566 CVE-2010-3567 CVE-2010-3571 CVE-2010-3554
    CVE-2010-3563 CVE-2010-3568 CVE-2010-3569 CVE-2010-3558 CVE-2010-3552
    CVE-2010-3559 CVE-2010-3572 CVE-2010-3553 CVE-2010-3555 CVE-2010-3550
    CVE-2010-3570 CVE-2010-3561 CVE-2009-3555 CVE-2010-1321 CVE-2010-3549
    CVE-2010-3557 CVE-2010-3541 CVE-2010-3573 CVE-2010-3574 CVE-2010-3548
    CVE-2010-3551 CVE-2010-3560"
        value:"Update the affected java-1_6_0-sun packages."
  • NASL familyVMware ESX Local Security Checks
    NASL idVMWARE_VMSA-2011-0013.NASL
    a. ESX third-party update for Service Console openssl RPM
The Service Console openssl RPM is updated to openssl-0.9.8e.12.el5_5.7 resolving two security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-7270 and CVE-2010-4180 to these issues.

b. ESX third-party update for Service Console libuser RPM
The Service Console libuser RPM is updated to version 0.54.7-2.1.el5_5.2 to resolve a security issue. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2011-0002 to this issue.

c. ESX third-party update for Service Console nss and nspr RPMs
The Service Console Network Security Services (NSS) and Netscape Portable Runtime (NSPR) libraries are updated to nspr-4.8.6-1 and nss-3.12.8-4 resolving multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-3170 and CVE-2010-3173 to these issues.

d. vCenter Server and ESX, Oracle (Sun) JRE update 1.6.0_24
Oracle (Sun) JRE is updated to version 1.6.0_24, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE.

e. vCenter Update Manager Oracle (Sun) JRE update 1.5.0_30
Oracle (Sun) JRE is updated to version 1.5.0_30, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE.

f. Integer overflow in VMware third-party component sfcb
This release resolves an integer overflow issue present in the third-party library SFCB. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-2054 to this issue.
    last seen2020-06-01
    plugin id56665
    reporterThis script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    titleVMSA-2011-0013 : VMware third-party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
  accepted2015-06-01T04:00:05.909-04:00
    • nameSecPod Team
      organizationSecPod Technologies
    • nameMaria Mikhno
    • nameEvgeniy Pavlov
    • commentJava Development Kit is installed
    • commentJava SE Development Kit 6 is installed
    • commentJava Runtime Environment is installed
    • commentJava SE Runtime Environment 6 is installed
    descriptionUnspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
    titleUnspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update and 25 and earlier versions
  accepted2015-04-20T04:00:24.320-04:00
    • nameVarun Narula
    • nameSushant Kumar Singh
    • nameSushant Kumar Singh
    • namePrashant Kumar
    • nameMike Cokus
      organizationThe MITRE Corporation
    descriptionUnspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
    titleHP-UX Running Java, Remote Execution of Arbitrary Code, Disclosure of Information, and Other Vulnerabilities.


