Vulnerabilities > CVE-2010-3564 - Webmail Remote vulnerability in Oracle SUN products Suite 7.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that the Kerberos implementation does not properly check AP-REQ requests, which allows attackers to cause a denial of service in the JVM. NOTE: CVE has not investigated the apparent discrepancy between the two vendors regarding the consequences of this issue.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
NASL family Scientific Linux Local Security Checks NASL id SL_20101110_JAVA_1_6_0_OPENJDK_ON_SL6_X.NASL description defaultReadObject of the Serialization API could be tricked into setting a volatile field multiple times, which could allow a remote attacker to execute arbitrary code with the privileges of the user running the applet or application. (CVE-2010-3569) Race condition in the way objects were deserialized could allow an untrusted applet or application to misuse the privileges of the user running the applet or application. (CVE-2010-3568) Miscalculation in the OpenType font rendering implementation caused out-of-bounds memory access, which could allow remote attackers to execute code with the privileges of the user running the java process. (CVE-2010-3567) JPEGImageWriter.writeImage in the imageio API improperly checked certain image metadata, which could allow a remote attacker to execute arbitrary code in the context of the user running the applet or application. (CVE-2010-3565) Double free in IndexColorModel could cause an untrusted applet or application to crash or, possibly, execute arbitrary code with the privileges of the user running the applet or application. (CVE-2010-3562) The privileged accept method of the ServerSocket class in the Common Object Request Broker Architecture (CORBA) implementation in OpenJDK allowed it to receive connections from any host, instead of just the host of the current connection. An attacker could use this flaw to bypass restrictions defined by network permissions. (CVE-2010-3561) Flaws in the Swing library could allow an untrusted application to modify the behavior and state of certain JDK classes. (CVE-2010-3557) Flaws in the CORBA implementation could allow an attacker to execute arbitrary code by misusing permissions granted to certain system objects. (CVE-2010-3554) UIDefault.ProxyLazyValue had unsafe reflection usage, allowing untrusted callers to create objects via ProxyLazyValue values. (CVE-2010-3553) HttpURLConnection improperly handled the last seen 2020-06-01 modified 2020-06-02 plugin id 60892 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60892 title Scientific Linux Security Update : java-1.6.0-openjdk on SL6.x i386/x86_64 NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1010-1.NASL description Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user last seen 2020-06-01 modified 2020-06-02 plugin id 50410 published 2010-10-29 reporter Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50410 title Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : openjdk-6, openjdk-6b18 vulnerabilities (USN-1010-1) NASL family Scientific Linux Local Security Checks NASL id SL_20101013_JAVA_1_6_0_OPENJDK_ON_SL5_X.NASL description defaultReadObject of the Serialization API could be tricked into setting a volatile field multiple times, which could allow a remote attacker to execute arbitrary code with the privileges of the user running the applet or application. (CVE-2010-3569) Race condition in the way objects were deserialized could allow an untrusted applet or application to misuse the privileges of the user running the applet or application. (CVE-2010-3568) Miscalculation in the OpenType font rendering implementation caused out-of-bounds memory access, which could allow remote attackers to execute code with the privileges of the user running the java process. (CVE-2010-3567) JPEGImageWriter.writeImage in the imageio API improperly checked certain image metadata, which could allow a remote attacker to execute arbitrary code in the context of the user running the applet or application. (CVE-2010-3565) Double free in IndexColorModel could cause an untrusted applet or application to crash or, possibly, execute arbitrary code with the privileges of the user running the applet or application. (CVE-2010-3562) The privileged accept method of the ServerSocket class in the Common Object Request Broker Architecture (CORBA) implementation in OpenJDK allowed it to receive connections from any host, instead of just the host of the current connection. An attacker could use this flaw to bypass restrictions defined by network permissions. (CVE-2010-3561) Flaws in the Swing library could allow an untrusted application to modify the behavior and state of certain JDK classes. (CVE-2010-3557) Flaws in the CORBA implementation could allow an attacker to execute arbitrary code by misusing permissions granted to certain system objects. (CVE-2010-3554) UIDefault.ProxyLazyValue had unsafe reflection usage, allowing untrusted callers to create objects via ProxyLazyValue values. (CVE-2010-3553) HttpURLConnection improperly handled the last seen 2020-06-01 modified 2020-06-02 plugin id 60868 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60868 title Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64 NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0865.NASL description Updated java-1.6.0-openjdk packages that fix several security issues and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. defaultReadObject of the Serialization API could be tricked into setting a volatile field multiple times, which could allow a remote attacker to execute arbitrary code with the privileges of the user running the applet or application. (CVE-2010-3569) Race condition in the way objects were deserialized could allow an untrusted applet or application to misuse the privileges of the user running the applet or application. (CVE-2010-3568) Miscalculation in the OpenType font rendering implementation caused out-of-bounds memory access, which could allow remote attackers to execute code with the privileges of the user running the java process. (CVE-2010-3567) JPEGImageWriter.writeImage in the imageio API improperly checked certain image metadata, which could allow a remote attacker to execute arbitrary code in the context of the user running the applet or application. (CVE-2010-3565) Double free in IndexColorModel could cause an untrusted applet or application to crash or, possibly, execute arbitrary code with the privileges of the user running the applet or application. (CVE-2010-3562) The privileged accept method of the ServerSocket class in the Common Object Request Broker Architecture (CORBA) implementation in OpenJDK allowed it to receive connections from any host, instead of just the host of the current connection. An attacker could use this flaw to bypass restrictions defined by network permissions. (CVE-2010-3561) Flaws in the Swing library could allow an untrusted application to modify the behavior and state of certain JDK classes. (CVE-2010-3557) Flaws in the CORBA implementation could allow an attacker to execute arbitrary code by misusing permissions granted to certain system objects. (CVE-2010-3554) UIDefault.ProxyLazyValue had unsafe reflection usage, allowing untrusted callers to create objects via ProxyLazyValue values. (CVE-2010-3553) HttpURLConnection improperly handled the last seen 2020-06-01 modified 2020-06-02 plugin id 50637 published 2010-11-18 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50637 title RHEL 6 : java-1.6.0-openjdk (RHSA-2010:0865) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2010-0768.NASL description From Red Hat Security Advisory 2010:0768 : Updated java-1.6.0-openjdk packages that fix several security issues and two bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. defaultReadObject of the Serialization API could be tricked into setting a volatile field multiple times, which could allow a remote attacker to execute arbitrary code with the privileges of the user running the applet or application. (CVE-2010-3569) Race condition in the way objects were deserialized could allow an untrusted applet or application to misuse the privileges of the user running the applet or application. (CVE-2010-3568) Miscalculation in the OpenType font rendering implementation caused out-of-bounds memory access, which could allow remote attackers to execute code with the privileges of the user running the java process. (CVE-2010-3567) JPEGImageWriter.writeImage in the imageio API improperly checked certain image metadata, which could allow a remote attacker to execute arbitrary code in the context of the user running the applet or application. (CVE-2010-3565) Double free in IndexColorModel could cause an untrusted applet or application to crash or, possibly, execute arbitrary code with the privileges of the user running the applet or application. (CVE-2010-3562) The privileged accept method of the ServerSocket class in the Common Object Request Broker Architecture (CORBA) implementation in OpenJDK allowed it to receive connections from any host, instead of just the host of the current connection. An attacker could use this flaw to bypass restrictions defined by network permissions. (CVE-2010-3561) Flaws in the Swing library could allow an untrusted application to modify the behavior and state of certain JDK classes. (CVE-2010-3557) Flaws in the CORBA implementation could allow an attacker to execute arbitrary code by misusing permissions granted to certain system objects. (CVE-2010-3554) UIDefault.ProxyLazyValue had unsafe reflection usage, allowing untrusted callers to create objects via ProxyLazyValue values. (CVE-2010-3553) HttpURLConnection improperly handled the last seen 2020-06-01 modified 2020-06-02 plugin id 68117 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68117 title Oracle Linux 5 : java-1.6.0-openjdk (ELSA-2010-0768) NASL family Fedora Local Security Checks NASL id FEDORA_2010-16294.NASL description - Thu Oct 7 2010 Jiri Vanek <jvanek at redhat.com> -1:1.6.0-43.1.8.2 - Imports icedtea6-1.8.2 - changed Release versioning from openjdkver to icedteaver - Resolves: rhbz#533125 - Resolves: rhbz#639876 - Resolves: rhbz#639880 - Resolves: rhbz#639897 - Resolves: rhbz#639904 - Resolves: rhbz#639909 - Resolves: rhbz#639914 - Resolves: rhbz#639920 - Resolves: rhbz#639922 - Resolves: rhbz#639925 - Resolves: rhbz#639951 - Resolves: rhbz#6622002 - Resolves: rhbz#6623943 - Resolves: rhbz#6925672 - Resolves: rhbz#6952017 - Resolves: rhbz#6952603 - Resolves: rhbz#6961084 - Resolves: rhbz#6963285 - Resolves: rhbz#6980004 - Resolves: rhbz#6981426 - Resolves: rhbz#6990437 - Mon Jul 26 2010 Martin Matejovic <mmatejov at redhat.com> -1:1.6.0-42.b18 - Imports icedtea6-1.8.1 - Removed: java-1.6.0-openjdk-plugin.patch - Resolves: rhbz#616893 - Resolves: rhbz#616895 - Mon Jun 14 2010 Martin Matejovic <mmatejov at redhat.com> -1:1.6.0.-41.b18 - Fixed plugin update to IcedTeaPlugin.so - Fixed plugin cpu usage issue - Fixed plugin rewrites ? in URL - Added java-1.6.0-openjdk-plugin.patch - Resovles: rhbz#598353 - Resolves: rhbz#592553 - Resolves: rhbz#602906 - Fri Jun 11 2010 Martin Matejovic <mmatejov at redhat.com> - 1:1.6.0-40.b18 - Rebuild - Tue Jun 8 2010 Martin Matejovic <mmatejov at redhat.com> - 1:1.6.0-39.b18 - Added icedtea6-1.8 - Added openjdk b18 - Added visualvm_122 - Added netbeans-profiler-visualvm_release68_1.tar.gz - Added jdk6-jaf-2009_10_27.zip as SOURCE9 - Added jdk6-jaxp-2009_10_13.zip as SOURCE10 - Added jdk6-jaxws-2009_10_27.zip as SOURCE11 - Added java-1.6.0-openjdk-visualvm-update.patch - Removed java-1.6.0-openjdk-securitypatches-20100323.patch - Removed java-1.6.0-openjdk-linux-globals.patch - Removed java-1.6.0-openjdk-memory-barriers.patch - Resolved: rhbz#595191 - Resovles: rhbz#596850 - Resolves: rhbz#597134 - Resolves: rhbz#580432 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 50035 published 2010-10-20 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50035 title Fedora 13 : java-1.6.0-openjdk-1.6.0.0-43.1.8.2.fc13 (2010-16294) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2010-0768.NASL description Updated java-1.6.0-openjdk packages that fix several security issues and two bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. defaultReadObject of the Serialization API could be tricked into setting a volatile field multiple times, which could allow a remote attacker to execute arbitrary code with the privileges of the user running the applet or application. (CVE-2010-3569) Race condition in the way objects were deserialized could allow an untrusted applet or application to misuse the privileges of the user running the applet or application. (CVE-2010-3568) Miscalculation in the OpenType font rendering implementation caused out-of-bounds memory access, which could allow remote attackers to execute code with the privileges of the user running the java process. (CVE-2010-3567) JPEGImageWriter.writeImage in the imageio API improperly checked certain image metadata, which could allow a remote attacker to execute arbitrary code in the context of the user running the applet or application. (CVE-2010-3565) Double free in IndexColorModel could cause an untrusted applet or application to crash or, possibly, execute arbitrary code with the privileges of the user running the applet or application. (CVE-2010-3562) The privileged accept method of the ServerSocket class in the Common Object Request Broker Architecture (CORBA) implementation in OpenJDK allowed it to receive connections from any host, instead of just the host of the current connection. An attacker could use this flaw to bypass restrictions defined by network permissions. (CVE-2010-3561) Flaws in the Swing library could allow an untrusted application to modify the behavior and state of certain JDK classes. (CVE-2010-3557) Flaws in the CORBA implementation could allow an attacker to execute arbitrary code by misusing permissions granted to certain system objects. (CVE-2010-3554) UIDefault.ProxyLazyValue had unsafe reflection usage, allowing untrusted callers to create objects via ProxyLazyValue values. (CVE-2010-3553) HttpURLConnection improperly handled the last seen 2020-06-01 modified 2020-06-02 plugin id 50003 published 2010-10-18 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50003 title CentOS 5 : java-1.6.0-openjdk (CESA-2010:0768) NASL family Fedora Local Security Checks NASL id FEDORA_2010-16240.NASL description - Thu Oct 7 2010 Jiri Vanek <jvanek at redhat.com> -1:1.6.0-41.1.8.2 - Imports icedtea6-1.8.2 - changed Release versioning from openjdkver to icedteaver - Resolves: rhbz#533125 - Resolves: rhbz#639876 - Resolves: rhbz#639880 - Resolves: rhbz#639897 - Resolves: rhbz#639904 - Resolves: rhbz#639909 - Resolves: rhbz#639914 - Resolves: rhbz#639920 - Resolves: rhbz#639922 - Resolves: rhbz#639925 - Resolves: rhbz#639951 - Resolves: rhbz#6622002 - Resolves: rhbz#6623943 - Resolves: rhbz#6925672 - Resolves: rhbz#6952017 - Resolves: rhbz#6952603 - Resolves: rhbz#6961084 - Resolves: rhbz#6963285 - Resolves: rhbz#6980004 - Resolves: rhbz#6981426 - Resolves: rhbz#6990437 - Mon Jul 26 2010 Martin Matejovic <mmatejov at redhat.com> -1:1.6.0-40.b18 - Imports icedtea6-1.8.1 - Removed: java-1.6.0-openjdk-plugin.patch - Resolves: rhbz#616893 - Resolves: rhbz#616895 - Mon Jun 14 2010 Martin Matejovic <mmatejov at redhat.com> -1:1.6.0.-39.b18 - Fixed plugin update to IcedTeaPlugin.so - Fixed plugin cpu usage issue - Fixed plugin rewrites ? in URL - Added java-1.6.0-openjdk-plugin.patch - Resovles: rhbz#598353 - Resolves: rhbz#592553 - Resolves: rhbz#602906 - Tue Apr 20 2010 Martin Matejovic <mmatejov at redhat.com> - 1:1.6.0-38.b18 - Added icedtea6-1.8 - Added openjdk b18 - Added jdk6-jaf-2009_10_27.zip as SOURCE9 - Added jdk6-jaxp-2009_10_13.zip as SOURCE10 - Added jdk6-jaxws-2009_10_27.zip as SOURCE11 - Removed java-1.6.0-openjdk-securitypatches-20100323.patch - Removed java-1.6.0-openjdk-linux-globals.patch - Removed java-1.6.0-openjdk-memory-barriers.patch - Removed java-1.6.0-openjdk-pulse-audio-libs.patch - Enabled NPPlugin - Tue Mar 30 2010 Martin Matejovic <mmatejov at redhat.com> - 1:1.6.0-37.b17 - Added java-1.6.0-openjdk-securitypatches-20100323.patch [plus 62 lines in the Changelog] Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 50295 published 2010-10-22 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50295 title Fedora 12 : java-1.6.0-openjdk-1.6.0.0-41.1.8.2.fc12 (2010-16240) NASL family SuSE Local Security Checks NASL id SUSE_11_2_JAVA-1_6_0-OPENJDK-101103.NASL description Icedtea included in java-1_6_0-openjdk was updated to version 1.7.5/1.8.2/1.9.1 to fix several security issues : - S6914943, CVE-2009-3555: TLS: MITM attacks via session renegotiation - S6559775, CVE-2010-3568: OpenJDK Deserialization Race condition - S6891766, CVE-2010-3554: OpenJDK corba reflection vulnerabilities - S6925710, CVE-2010-3562: OpenJDK IndexColorModel double-free - S6938813, CVE-2010-3557: OpenJDK Swing mutable static - S6957564, CVE-2010-3548: OpenJDK DNS server IP address information leak - S6958060, CVE-2010-3564: OpenJDK kerberos vulnerability - S6963023, CVE-2010-3565: OpenJDK JPEG writeImage remote code execution - S6963489, CVE-2010-3566: OpenJDK ICC Profile remote code execution - S6966692, CVE-2010-3569: OpenJDK Serialization inconsistencies - S6622002, CVE-2010-3553: UIDefault.ProxyLazyValue has unsafe reflection usage - S6925672, CVE-2010-3561: Privileged ServerSocket.accept allows receiving connections from any host - S6952017, CVE-2010-3549: HttpURLConnection chunked encoding issue (Http request splitting) - S6952603, CVE-2010-3551: NetworkInterface reveals local network address to untrusted code - S6961084, CVE-2010-3541: limit setting of some request headers in HttpURLConnection - S6963285, CVE-2010-3567: Crash in ICU Opentype layout engine due to mismatch in character counts - S6980004, CVE-2010-3573: limit HTTP request cookie headers in HttpURLConnection - S6981426, CVE-2010-3574: limit use of TRACE method in HttpURLConnection last seen 2020-06-01 modified 2020-06-02 plugin id 53731 published 2011-05-05 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/53731 title openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2010:0957-1) NASL family SuSE Local Security Checks NASL id SUSE_11_1_JAVA-1_6_0-OPENJDK-101103.NASL description Icedtea included in java-1_6_0-openjdk was updated to version 1.7.5/1.8.2/1.9.1 to fix several security issues : - S6914943, CVE-2009-3555: TLS: MITM attacks via session renegotiation - S6559775, CVE-2010-3568: OpenJDK Deserialization Race condition - S6891766, CVE-2010-3554: OpenJDK corba reflection vulnerabilities - S6925710, CVE-2010-3562: OpenJDK IndexColorModel double-free - S6938813, CVE-2010-3557: OpenJDK Swing mutable static - S6957564, CVE-2010-3548: OpenJDK DNS server IP address information leak - S6958060, CVE-2010-3564: OpenJDK kerberos vulnerability - S6963023, CVE-2010-3565: OpenJDK JPEG writeImage remote code execution - S6963489, CVE-2010-3566: OpenJDK ICC Profile remote code execution - S6966692, CVE-2010-3569: OpenJDK Serialization inconsistencies - S6622002, CVE-2010-3553: UIDefault.ProxyLazyValue has unsafe reflection usage - S6925672, CVE-2010-3561: Privileged ServerSocket.accept allows receiving connections from any host - S6952017, CVE-2010-3549: HttpURLConnection chunked encoding issue (Http request splitting) - S6952603, CVE-2010-3551: NetworkInterface reveals local network address to untrusted code - S6961084, CVE-2010-3541: limit setting of some request headers in HttpURLConnection - S6963285, CVE-2010-3567: Crash in ICU Opentype layout engine due to mismatch in character counts - S6980004, CVE-2010-3573: limit HTTP request cookie headers in HttpURLConnection - S6981426, CVE-2010-3574: limit use of TRACE method in HttpURLConnection last seen 2020-06-01 modified 2020-06-02 plugin id 53662 published 2011-05-05 reporter This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/53662 title openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2010:0957-1) NASL family Fedora Local Security Checks NASL id FEDORA_2010-16312.NASL description - Bug #533125 - CVE-2009-3555 TLS: MITM attacks via session renegotiation - Bug #642202 - CVE-2010-3541 CVE-2010-3573 OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004) - Bug #639909 - CVE-2010-3548 OpenJDK DNS server IP address information leak (6957564) - Bug #642180 - CVE-2010-3549 OpenJDK HttpURLConnection request splitting (6952017) - Bug #642187 - CVE-2010-3551 OpenJDK local network address disclosure (6952603) - Bug #642167 - CVE-2010-3553 OpenJDK Swing unsafe reflection usage (6622002) - Bug #639880 - CVE-2010-3554 CVE-2010-3561 OpenJDK corba reflection vulnerabilities (6891766,6925672) - Bug #639904 - CVE-2010-3557 OpenJDK Swing mutable static (6938813) - Bug #639897 - CVE-2010-3562 OpenJDK IndexColorModel double-free (6925710) - Bug #639914 - CVE-2010-3564 OpenJDK kerberos vulnerability (6958060) - Bug #639920 - CVE-2010-3565 OpenJDK JPEG writeImage remote code execution (6963023) - Bug #642197 - CVE-2010-3567 OpenJDK ICU Opentype layout engine crash (6963285) - Bug #639876 - CVE-2010-3568 OpenJDK Deserialization Race condition (6559775) - Bug #639925 - CVE-2010-3569 OpenJDK Serialization inconsistencies (6966692) - Bug #642215 - CVE-2010-3574 OpenJDK HttpURLConnection incomplete TRACE permission check (6981426) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 50007 published 2010-10-18 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50007 title Fedora 14 : java-1.6.0-openjdk-1.6.0.0-44.1.9.1.fc14 (2010-16312) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0768.NASL description Updated java-1.6.0-openjdk packages that fix several security issues and two bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. defaultReadObject of the Serialization API could be tricked into setting a volatile field multiple times, which could allow a remote attacker to execute arbitrary code with the privileges of the user running the applet or application. (CVE-2010-3569) Race condition in the way objects were deserialized could allow an untrusted applet or application to misuse the privileges of the user running the applet or application. (CVE-2010-3568) Miscalculation in the OpenType font rendering implementation caused out-of-bounds memory access, which could allow remote attackers to execute code with the privileges of the user running the java process. (CVE-2010-3567) JPEGImageWriter.writeImage in the imageio API improperly checked certain image metadata, which could allow a remote attacker to execute arbitrary code in the context of the user running the applet or application. (CVE-2010-3565) Double free in IndexColorModel could cause an untrusted applet or application to crash or, possibly, execute arbitrary code with the privileges of the user running the applet or application. (CVE-2010-3562) The privileged accept method of the ServerSocket class in the Common Object Request Broker Architecture (CORBA) implementation in OpenJDK allowed it to receive connections from any host, instead of just the host of the current connection. An attacker could use this flaw to bypass restrictions defined by network permissions. (CVE-2010-3561) Flaws in the Swing library could allow an untrusted application to modify the behavior and state of certain JDK classes. (CVE-2010-3557) Flaws in the CORBA implementation could allow an attacker to execute arbitrary code by misusing permissions granted to certain system objects. (CVE-2010-3554) UIDefault.ProxyLazyValue had unsafe reflection usage, allowing untrusted callers to create objects via ProxyLazyValue values. (CVE-2010-3553) HttpURLConnection improperly handled the last seen 2020-06-01 modified 2020-06-02 plugin id 49974 published 2010-10-14 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/49974 title RHEL 5 : java-1.6.0-openjdk (RHSA-2010:0768) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201406-32.NASL description The remote host is affected by the vulnerability described in GLSA-201406-32 (IcedTea JDK: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in the IcedTea JDK. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, bypass intended security policies, or have other unspecified impact. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 76303 published 2014-06-30 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76303 title GLSA-201406-32 : IcedTea JDK: Multiple vulnerabilities (BEAST) (ROBOT) NASL family SuSE Local Security Checks NASL id SUSE_11_3_JAVA-1_6_0-OPENJDK-101103.NASL description Icedtea included in java-1_6_0-openjdk was updated to version 1.7.5/1.8.2/1.9.1 to fix several security issues : - S6914943, CVE-2009-3555: TLS: MITM attacks via session renegotiation - S6559775, CVE-2010-3568: OpenJDK Deserialization Race condition - S6891766, CVE-2010-3554: OpenJDK corba reflection vulnerabilities - S6925710, CVE-2010-3562: OpenJDK IndexColorModel double-free - S6938813, CVE-2010-3557: OpenJDK Swing mutable static - S6957564, CVE-2010-3548: OpenJDK DNS server IP address information leak - S6958060, CVE-2010-3564: OpenJDK kerberos vulnerability - S6963023, CVE-2010-3565: OpenJDK JPEG writeImage remote code execution - S6963489, CVE-2010-3566: OpenJDK ICC Profile remote code execution - S6966692, CVE-2010-3569: OpenJDK Serialization inconsistencies - S6622002, CVE-2010-3553: UIDefault.ProxyLazyValue has unsafe reflection usage - S6925672, CVE-2010-3561: Privileged ServerSocket.accept allows receiving connections from any host - S6952017, CVE-2010-3549: HttpURLConnection chunked encoding issue (Http request splitting) - S6952603, CVE-2010-3551: NetworkInterface reveals local network address to untrusted code - S6961084, CVE-2010-3541: limit setting of some request headers in HttpURLConnection - S6963285, CVE-2010-3567: Crash in ICU Opentype layout engine due to mismatch in character counts - S6980004, CVE-2010-3573: limit HTTP request cookie headers in HttpURLConnection - S6981426, CVE-2010-3574: limit use of TRACE method in HttpURLConnection last seen 2020-06-01 modified 2020-06-02 plugin id 75534 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75534 title openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2010:0957-1)
Oval
| accepted | 2015-04-20T04:00:23.614-04:00 | ||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||
| contributors |
| ||||||||||||||||||||
| description | Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that the Kerberos implementation does not properly check AP-REQ requests, which allows attackers to cause a denial of service in the JVM. NOTE: CVE has not investigated the apparent discrepancy between the two vendors regarding the consequences of this issue. | ||||||||||||||||||||
| family | unix | ||||||||||||||||||||
| id | oval:org.mitre.oval:def:12398 | ||||||||||||||||||||
| status | accepted | ||||||||||||||||||||
| submitted | 2011-02-02T17:07:54.000-05:00 | ||||||||||||||||||||
| title | HP-UX Running Java, Remote Execution of Arbitrary Code, Disclosure of Information, and Other Vulnerabilities. | ||||||||||||||||||||
| version | 49 |
Redhat
| advisories |
| ||||||||
| rpms |
|
References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748
- http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html
- http://secunia.com/advisories/41972
- http://secunia.com/advisories/42377
- http://security.gentoo.org/glsa/glsa-201406-32.xml
- http://support.avaya.com/css/P8/documents/100114327
- http://support.avaya.com/css/P8/documents/100123193
- http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html
- http://www.redhat.com/support/errata/RHSA-2010-0768.html
- http://www.redhat.com/support/errata/RHSA-2010-0865.html
- http://www.securityfocus.com/bid/43963
- http://www.ubuntu.com/usn/USN-1010-1
- http://www.us-cert.gov/cas/techalerts/TA10-287A.html
- http://www.vupen.com/english/advisories/2010/3086
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12398