cvelistv5 - cve-2010-0840

CVE-2010-0840 (GCVE-0-2010-0840)

Vulnerability from cvelistv5

Published

2010-04-01 16:00

Modified

2025-10-22 00:05

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

Summary

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) "a similar trust issue with interfaces," aka "Trusted Methods Chaining Remote Code Execution Vulnerability."

References

URL

Tags

	http://lists.apple.com/archives/security-announce/2010//May/msg00001.html	vendor-advisory, x_refsource_APPLE
	http://marc.info/?l=bugtraq&m=134254866602253&w=2	vendor-advisory, x_refsource_HP
	http://www.securityfocus.com/archive/1/510528/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/advisories/39317	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2010-0383.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/40545	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/1454	vdb-entry, x_refsource_VUPEN
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13971	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/39819	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/1107	vdb-entry, x_refsource_VUPEN
	http://www.redhat.com/support/errata/RHSA-2010-0338.html	vendor-advisory, x_refsource_REDHAT
	http://www.vupen.com/english/advisories/2010/1793	vdb-entry, x_refsource_VUPEN
	http://lists.apple.com/archives/security-announce/2010//May/msg00002.html	vendor-advisory, x_refsource_APPLE
	http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/43308	third-party-advisory, x_refsource_SECUNIA
	http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html	x_refsource_CONFIRM
	http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=127557596201693&w=2	vendor-advisory, x_refsource_HP
	http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2010-0339.html	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=127557596201693&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/39292	third-party-advisory, x_refsource_SECUNIA
	http://support.apple.com/kb/HT4170	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2010/1523	vdb-entry, x_refsource_VUPEN
	http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/39065	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/39659	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2010-0471.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://ubuntu.com/usn/usn-923-1	vendor-advisory, x_refsource_UBUNTU
	http://www.vmware.com/security/advisories/VMSA-2011-0003.html	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2010-0337.html	vendor-advisory, x_refsource_REDHAT
	http://www.redhat.com/support/errata/RHSA-2010-0489.html	vendor-advisory, x_refsource_REDHAT
	http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751	vendor-advisory, x_refsource_HP
	http://www.zerodayinitiative.com/advisories/ZDI-10-056	x_refsource_MISC
	http://secunia.com/advisories/40211	third-party-advisory, x_refsource_SECUNIA
	http://support.apple.com/kb/HT4171	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9974	vdb-entry, signature, x_refsource_OVAL
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:084	vendor-advisory, x_refsource_MANDRIVA
	http://www.securityfocus.com/archive/1/516397/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2010/1191	vdb-entry, x_refsource_VUPEN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

Date added: 2022-05-25

Due date: 2022-06-15

Required action: Apply updates per vendor instructions.

Used in ransomware: Unknown

Notes: https://nvd.nist.gov/vuln/detail/CVE-2010-0840

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:59:39.358Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "APPLE-SA-2010-05-18-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html"
          },
          {
            "name": "HPSBMU02799",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
          },
          {
            "name": "20100405 ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/510528/100/0/threaded"
          },
          {
            "name": "39317",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39317"
          },
          {
            "name": "RHSA-2010:0383",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0383.html"
          },
          {
            "name": "40545",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40545"
          },
          {
            "name": "ADV-2010-1454",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1454"
          },
          {
            "name": "oval:org.mitre.oval:def:13971",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13971"
          },
          {
            "name": "39819",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39819"
          },
          {
            "name": "ADV-2010-1107",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1107"
          },
          {
            "name": "RHSA-2010:0338",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html"
          },
          {
            "name": "ADV-2010-1793",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1793"
          },
          {
            "name": "APPLE-SA-2010-05-18-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html"
          },
          {
            "name": "SUSE-SR:2010:011",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"
          },
          {
            "name": "43308",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43308"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
          },
          {
            "name": "SSRT100179",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
          },
          {
            "name": "SSRT100089",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html"
          },
          {
            "name": "RHSA-2010:0339",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0339.html"
          },
          {
            "name": "HPSBUX02524",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2"
          },
          {
            "name": "39292",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39292"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4170"
          },
          {
            "name": "ADV-2010-1523",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1523"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
          },
          {
            "name": "39065",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/39065"
          },
          {
            "name": "SUSE-SR:2010:008",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
          },
          {
            "name": "39659",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39659"
          },
          {
            "name": "RHSA-2010:0471",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0471.html"
          },
          {
            "name": "SUSE-SR:2010:017",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
          },
          {
            "name": "USN-923-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-923-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
          },
          {
            "name": "RHSA-2010:0337",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html"
          },
          {
            "name": "RHSA-2010:0489",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0489.html"
          },
          {
            "name": "HPSBMA02547",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-056"
          },
          {
            "name": "40211",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40211"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4171"
          },
          {
            "name": "oval:org.mitre.oval:def:9974",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9974"
          },
          {
            "name": "MDVSA-2010:084",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
          },
          {
            "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
          },
          {
            "name": "ADV-2010-1191",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1191"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2010-0840",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-10T18:55:12.239252Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-05-25",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-0840"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-22T00:05:52.754Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-0840"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-05-25T00:00:00.000Z",
            "value": "CVE-2010-0840 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-03-30T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.  NOTE: the previous information was obtained from the March 2010 CPU.  Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) \"a similar trust issue with interfaces,\" aka \"Trusted Methods Chaining Remote Code Execution Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "APPLE-SA-2010-05-18-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html"
        },
        {
          "name": "HPSBMU02799",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
        },
        {
          "name": "20100405 ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/510528/100/0/threaded"
        },
        {
          "name": "39317",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39317"
        },
        {
          "name": "RHSA-2010:0383",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0383.html"
        },
        {
          "name": "40545",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40545"
        },
        {
          "name": "ADV-2010-1454",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1454"
        },
        {
          "name": "oval:org.mitre.oval:def:13971",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13971"
        },
        {
          "name": "39819",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39819"
        },
        {
          "name": "ADV-2010-1107",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1107"
        },
        {
          "name": "RHSA-2010:0338",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html"
        },
        {
          "name": "ADV-2010-1793",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1793"
        },
        {
          "name": "APPLE-SA-2010-05-18-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html"
        },
        {
          "name": "SUSE-SR:2010:011",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"
        },
        {
          "name": "43308",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43308"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
        },
        {
          "name": "SSRT100179",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
        },
        {
          "name": "SSRT100089",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html"
        },
        {
          "name": "RHSA-2010:0339",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0339.html"
        },
        {
          "name": "HPSBUX02524",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2"
        },
        {
          "name": "39292",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39292"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4170"
        },
        {
          "name": "ADV-2010-1523",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1523"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
        },
        {
          "name": "39065",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/39065"
        },
        {
          "name": "SUSE-SR:2010:008",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
        },
        {
          "name": "39659",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39659"
        },
        {
          "name": "RHSA-2010:0471",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0471.html"
        },
        {
          "name": "SUSE-SR:2010:017",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
        },
        {
          "name": "USN-923-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-923-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
        },
        {
          "name": "RHSA-2010:0337",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html"
        },
        {
          "name": "RHSA-2010:0489",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0489.html"
        },
        {
          "name": "HPSBMA02547",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-056"
        },
        {
          "name": "40211",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40211"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4171"
        },
        {
          "name": "oval:org.mitre.oval:def:9974",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9974"
        },
        {
          "name": "MDVSA-2010:084",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
        },
        {
          "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
        },
        {
          "name": "ADV-2010-1191",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1191"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2010-0840",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.  NOTE: the previous information was obtained from the March 2010 CPU.  Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) \"a similar trust issue with interfaces,\" aka \"Trusted Methods Chaining Remote Code Execution Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2010-05-18-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html"
            },
            {
              "name": "HPSBMU02799",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
            },
            {
              "name": "20100405 ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/510528/100/0/threaded"
            },
            {
              "name": "39317",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/39317"
            },
            {
              "name": "RHSA-2010:0383",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0383.html"
            },
            {
              "name": "40545",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/40545"
            },
            {
              "name": "ADV-2010-1454",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1454"
            },
            {
              "name": "oval:org.mitre.oval:def:13971",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13971"
            },
            {
              "name": "39819",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/39819"
            },
            {
              "name": "ADV-2010-1107",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1107"
            },
            {
              "name": "RHSA-2010:0338",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html"
            },
            {
              "name": "ADV-2010-1793",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1793"
            },
            {
              "name": "APPLE-SA-2010-05-18-2",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html"
            },
            {
              "name": "SUSE-SR:2010:011",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"
            },
            {
              "name": "43308",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43308"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
            },
            {
              "name": "SSRT100179",
              "refsource": "HP",
              "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
            },
            {
              "name": "SSRT100089",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html"
            },
            {
              "name": "RHSA-2010:0339",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0339.html"
            },
            {
              "name": "HPSBUX02524",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2"
            },
            {
              "name": "39292",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/39292"
            },
            {
              "name": "http://support.apple.com/kb/HT4170",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4170"
            },
            {
              "name": "ADV-2010-1523",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1523"
            },
            {
              "name": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
            },
            {
              "name": "39065",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/39065"
            },
            {
              "name": "SUSE-SR:2010:008",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
            },
            {
              "name": "39659",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/39659"
            },
            {
              "name": "RHSA-2010:0471",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0471.html"
            },
            {
              "name": "SUSE-SR:2010:017",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
            },
            {
              "name": "USN-923-1",
              "refsource": "UBUNTU",
              "url": "http://ubuntu.com/usn/usn-923-1"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
            },
            {
              "name": "RHSA-2010:0337",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html"
            },
            {
              "name": "RHSA-2010:0489",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0489.html"
            },
            {
              "name": "HPSBMA02547",
              "refsource": "HP",
              "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-056",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-056"
            },
            {
              "name": "40211",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/40211"
            },
            {
              "name": "http://support.apple.com/kb/HT4171",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4171"
            },
            {
              "name": "oval:org.mitre.oval:def:9974",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9974"
            },
            {
              "name": "MDVSA-2010:084",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"
            },
            {
              "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
            },
            {
              "name": "ADV-2010-1191",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1191"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2010-0840",
    "datePublished": "2010-04-01T16:00:00.000Z",
    "dateReserved": "2010-03-03T00:00:00.000Z",
    "dateUpdated": "2025-10-22T00:05:52.754Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2010-0840",
      "dateAdded": "2022-05-25",
      "dueDate": "2022-06-15",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-0840",
      "product": "Java Runtime Environment (JRE)",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Unspecified vulnerability in the Java Runtime Environment (JRE) in Java SE component allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors.",
      "vendorProject": "Oracle",
      "vulnerabilityName": "Oracle JRE Unspecified Vulnerability"
    },
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html\", \"name\": \"APPLE-SA-2010-05-18-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_APPLE\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2\", \"name\": \"HPSBMU02799\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/510528/100/0/threaded\", \"name\": \"20100405 ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/39317\", \"name\": \"39317\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0383.html\", \"name\": \"RHSA-2010:0383\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/40545\", \"name\": \"40545\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1454\", \"name\": \"ADV-2010-1454\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13971\", \"name\": \"oval:org.mitre.oval:def:13971\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/39819\", \"name\": \"39819\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1107\", \"name\": \"ADV-2010-1107\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0338.html\", \"name\": \"RHSA-2010:0338\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1793\", \"name\": \"ADV-2010-1793\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html\", \"name\": \"APPLE-SA-2010-05-18-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_APPLE\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html\", \"name\": \"SUSE-SR:2010:011\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/43308\", \"name\": \"43308\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\", \"name\": \"SSRT100179\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2\", \"name\": \"SSRT100089\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0339.html\", \"name\": \"RHSA-2010:0339\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2\", \"name\": \"HPSBUX02524\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/39292\", \"name\": \"39292\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://support.apple.com/kb/HT4170\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1523\", \"name\": \"ADV-2010-1523\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/39065\", \"name\": \"39065\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html\", \"name\": \"SUSE-SR:2010:008\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/39659\", \"name\": \"39659\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0471.html\", \"name\": \"RHSA-2010:0471\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html\", \"name\": \"SUSE-SR:2010:017\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://ubuntu.com/usn/usn-923-1\", \"name\": \"USN-923-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2011-0003.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0337.html\", \"name\": \"RHSA-2010:0337\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0489.html\", \"name\": \"RHSA-2010:0489\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\", \"name\": \"HPSBMA02547\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.zerodayinitiative.com/advisories/ZDI-10-056\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/40211\", \"name\": \"40211\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://support.apple.com/kb/HT4171\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9974\", \"name\": \"oval:org.mitre.oval:def:9974\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\", \"x_transferred\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084\", \"name\": \"MDVSA-2010:084\", \"tags\": [\"vendor-advisory\", \"x_refsource_MANDRIVA\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/516397/100/0/threaded\", \"name\": \"20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1191\", \"name\": \"ADV-2010-1191\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-07T00:59:39.358Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2010-0840\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-10T18:55:12.239252Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-05-25\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-0840\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-05-25T00:00:00.000Z\", \"value\": \"CVE-2010-0840 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-0840\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-10T18:55:02.519Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2010-03-30T00:00:00.000Z\", \"references\": [{\"url\": \"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html\", \"name\": \"APPLE-SA-2010-05-18-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_APPLE\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2\", \"name\": \"HPSBMU02799\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/510528/100/0/threaded\", \"name\": \"20100405 ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"http://secunia.com/advisories/39317\", \"name\": \"39317\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0383.html\", \"name\": \"RHSA-2010:0383\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://secunia.com/advisories/40545\", \"name\": \"40545\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1454\", \"name\": \"ADV-2010-1454\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13971\", \"name\": \"oval:org.mitre.oval:def:13971\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\"]}, {\"url\": \"http://secunia.com/advisories/39819\", \"name\": \"39819\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1107\", \"name\": \"ADV-2010-1107\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0338.html\", \"name\": \"RHSA-2010:0338\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1793\", \"name\": \"ADV-2010-1793\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html\", \"name\": \"APPLE-SA-2010-05-18-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_APPLE\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html\", \"name\": \"SUSE-SR:2010:011\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://secunia.com/advisories/43308\", \"name\": \"43308\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\", \"name\": \"SSRT100179\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2\", \"name\": \"SSRT100089\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0339.html\", \"name\": \"RHSA-2010:0339\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2\", \"name\": \"HPSBUX02524\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://secunia.com/advisories/39292\", \"name\": \"39292\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://support.apple.com/kb/HT4170\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1523\", \"name\": \"ADV-2010-1523\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securityfocus.com/bid/39065\", \"name\": \"39065\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html\", \"name\": \"SUSE-SR:2010:008\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://secunia.com/advisories/39659\", \"name\": \"39659\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0471.html\", \"name\": \"RHSA-2010:0471\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html\", \"name\": \"SUSE-SR:2010:017\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://ubuntu.com/usn/usn-923-1\", \"name\": \"USN-923-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2011-0003.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0337.html\", \"name\": \"RHSA-2010:0337\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0489.html\", \"name\": \"RHSA-2010:0489\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\", \"name\": \"HPSBMA02547\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.zerodayinitiative.com/advisories/ZDI-10-056\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://secunia.com/advisories/40211\", \"name\": \"40211\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://support.apple.com/kb/HT4171\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9974\", \"name\": \"oval:org.mitre.oval:def:9974\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084\", \"name\": \"MDVSA-2010:084\", \"tags\": [\"vendor-advisory\", \"x_refsource_MANDRIVA\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/516397/100/0/threaded\", \"name\": \"20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1191\", \"name\": \"ADV-2010-1191\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.  NOTE: the previous information was obtained from the March 2010 CPU.  Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) \\\"a similar trust issue with interfaces,\\\" aka \\\"Trusted Methods Chaining Remote Code Execution Vulnerability.\\\"\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"shortName\": \"oracle\", \"dateUpdated\": \"2018-10-10T18:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html\", \"name\": \"APPLE-SA-2010-05-18-1\", \"refsource\": \"APPLE\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2\", \"name\": \"HPSBMU02799\", \"refsource\": \"HP\"}, {\"url\": \"http://www.securityfocus.com/archive/1/510528/100/0/threaded\", \"name\": \"20100405 ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"http://secunia.com/advisories/39317\", \"name\": \"39317\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0383.html\", \"name\": \"RHSA-2010:0383\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://secunia.com/advisories/40545\", \"name\": \"40545\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1454\", \"name\": \"ADV-2010-1454\", \"refsource\": \"VUPEN\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13971\", \"name\": \"oval:org.mitre.oval:def:13971\", \"refsource\": \"OVAL\"}, {\"url\": \"http://secunia.com/advisories/39819\", \"name\": \"39819\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1107\", \"name\": \"ADV-2010-1107\", \"refsource\": \"VUPEN\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0338.html\", \"name\": \"RHSA-2010:0338\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1793\", \"name\": \"ADV-2010-1793\", \"refsource\": \"VUPEN\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html\", \"name\": \"APPLE-SA-2010-05-18-2\", \"refsource\": \"APPLE\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html\", \"name\": \"SUSE-SR:2010:011\", \"refsource\": \"SUSE\"}, {\"url\": \"http://secunia.com/advisories/43308\", \"name\": \"43308\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html\", \"name\": \"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\", \"name\": \"SSRT100179\", \"refsource\": \"HP\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2\", \"name\": \"SSRT100089\", \"refsource\": \"HP\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html\", \"name\": \"http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0339.html\", \"name\": \"RHSA-2010:0339\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=127557596201693\u0026w=2\", \"name\": \"HPSBUX02524\", \"refsource\": \"HP\"}, {\"url\": \"http://secunia.com/advisories/39292\", \"name\": \"39292\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://support.apple.com/kb/HT4170\", \"name\": \"http://support.apple.com/kb/HT4170\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1523\", \"name\": \"ADV-2010-1523\", \"refsource\": \"VUPEN\"}, {\"url\": \"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html\", \"name\": \"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.securityfocus.com/bid/39065\", \"name\": \"39065\", \"refsource\": \"BID\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html\", \"name\": \"SUSE-SR:2010:008\", \"refsource\": \"SUSE\"}, {\"url\": \"http://secunia.com/advisories/39659\", \"name\": \"39659\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0471.html\", \"name\": \"RHSA-2010:0471\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html\", \"name\": \"SUSE-SR:2010:017\", \"refsource\": \"SUSE\"}, {\"url\": \"http://ubuntu.com/usn/usn-923-1\", \"name\": \"USN-923-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2011-0003.html\", \"name\": \"http://www.vmware.com/security/advisories/VMSA-2011-0003.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0337.html\", \"name\": \"RHSA-2010:0337\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0489.html\", \"name\": \"RHSA-2010:0489\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\", \"name\": \"HPSBMA02547\", \"refsource\": \"HP\"}, {\"url\": \"http://www.zerodayinitiative.com/advisories/ZDI-10-056\", \"name\": \"http://www.zerodayinitiative.com/advisories/ZDI-10-056\", \"refsource\": \"MISC\"}, {\"url\": \"http://secunia.com/advisories/40211\", \"name\": \"40211\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://support.apple.com/kb/HT4171\", \"name\": \"http://support.apple.com/kb/HT4171\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9974\", \"name\": \"oval:org.mitre.oval:def:9974\", \"refsource\": \"OVAL\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084\", \"name\": \"MDVSA-2010:084\", \"refsource\": \"MANDRIVA\"}, {\"url\": \"http://www.securityfocus.com/archive/1/516397/100/0/threaded\", \"name\": \"20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1191\", \"name\": \"ADV-2010-1191\", \"refsource\": \"VUPEN\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.  NOTE: the previous information was obtained from the March 2010 CPU.  Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) \\\"a similar trust issue with interfaces,\\\" aka \\\"Trusted Methods Chaining Remote Code Execution Vulnerability.\\\"\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2010-0840\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secalert_us@oracle.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2010-0840\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-22T00:05:52.754Z\", \"dateReserved\": \"2010-03-03T00:00:00.000Z\", \"assignerOrgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"datePublished\": \"2010-04-01T16:00:00.000Z\", \"assignerShortName\": \"oracle\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTA-2010-AVI-152

Vulnerability from certfr_avis

Plusieurs vulnérabilités découvertes dans Oracle Java peuvent être exploitées par un utilisateur malintentionné afin de compromettre le système ou d'entraver son bon fonctionnement.

Description

De multiples vulnérabilités ont été découvertes dans Oracle Java :

une erreur dans le code de la classe HeadspaceSoundbank peut provoquer un débordement de mémoire par le biais d'un fichier Soundbank spécialement conçu ;
une erreur dans le traitement des images peut provoquer un débordement de mémoire par le biais d'une applet Java spécialement conçue ;
plusieurs autres vulnérabilités non précisées sont présentes dans les composants Oracle Java.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	N/A	Java for Business, JDK/JRE 6 Update 18 et antérieures pour Windows, Solaris, et Linux ;
Oracle	N/A	Java for Business, SDK/JRE 1.4.2_25 et antérieures pour Windows, Solaris, et Linux.
Oracle	Java SE	Java SE, JDK/JRE 6 Update 18 et antérieures pour Windows, Solaris, et Linux ;
Oracle	Java SE	Java SE, SDK 1.4.2_25 et antérieures pour Solaris ;
Oracle	N/A	Java for Business, JDK/JRE 5.0 Update 23 et antérieures pour Windows, Solaris, et Linux ;
Oracle	Java SE	Java SE, JDK 5.0 Update 23 et antérieures pour Solaris ;

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle Java de mars 2010

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Java for Business, JDK/JRE 6 Update 18 et ant\u00e9rieures pour Windows, Solaris, et Linux ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Java for Business, SDK/JRE 1.4.2_25 et ant\u00e9rieures pour Windows, Solaris, et Linux.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Java SE, JDK/JRE 6 Update 18 et ant\u00e9rieures pour Windows, Solaris, et Linux ;",
      "product": {
        "name": "Java SE",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Java SE, SDK 1.4.2_25 et ant\u00e9rieures pour Solaris ;",
      "product": {
        "name": "Java SE",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Java for Business, JDK/JRE 5.0 Update 23 et ant\u00e9rieures pour Windows, Solaris, et Linux ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Java SE, JDK 5.0 Update 23 et ant\u00e9rieures pour Solaris ;",
      "product": {
        "name": "Java SE",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Java :\n\n-   une erreur dans le code de la classe HeadspaceSoundbank peut\n    provoquer un d\u00e9bordement de m\u00e9moire par le biais d\u0027un fichier\n    Soundbank sp\u00e9cialement con\u00e7u ;\n-   une erreur dans le traitement des images peut provoquer un\n    d\u00e9bordement de m\u00e9moire par le biais d\u0027une applet Java sp\u00e9cialement\n    con\u00e7ue ;\n-   plusieurs autres vuln\u00e9rabilit\u00e9s non pr\u00e9cis\u00e9es sont pr\u00e9sentes dans\n    les composants Oracle Java.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-0090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0090"
    },
    {
      "name": "CVE-2010-0840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0840"
    },
    {
      "name": "CVE-2010-0846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0846"
    },
    {
      "name": "CVE-2010-0844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0844"
    },
    {
      "name": "CVE-2010-0841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0841"
    },
    {
      "name": "CVE-2010-0845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0845"
    },
    {
      "name": "CVE-2010-0089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0089"
    },
    {
      "name": "CVE-2010-0847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0847"
    },
    {
      "name": "CVE-2009-3335",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3335"
    },
    {
      "name": "CVE-2010-0843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0843"
    },
    {
      "name": "CVE-2010-0839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0839"
    },
    {
      "name": "CVE-2010-0849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0849"
    },
    {
      "name": "CVE-2010-0093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0093"
    },
    {
      "name": "CVE-2010-0848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0848"
    },
    {
      "name": "CVE-2010-0092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0092"
    },
    {
      "name": "CVE-2010-0085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0085"
    },
    {
      "name": "CVE-2010-0095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0095"
    },
    {
      "name": "CVE-2010-0091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0091"
    },
    {
      "name": "CVE-2010-0084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0084"
    },
    {
      "name": "CVE-2010-0088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0088"
    },
    {
      "name": "CVE-2010-0842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0842"
    },
    {
      "name": "CVE-2010-0837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0837"
    },
    {
      "name": "CVE-2010-0094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0094"
    },
    {
      "name": "CVE-2010-0082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0082"
    },
    {
      "name": "CVE-2010-0087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0087"
    },
    {
      "name": "CVE-2010-0838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0838"
    },
    {
      "name": "CVE-2010-0850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0850"
    }
  ],
  "initial_release_date": "2010-04-01T00:00:00",
  "last_revision_date": "2010-04-01T00:00:00",
  "links": [],
  "reference": "CERTA-2010-AVI-152",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-04-01T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s d\u00e9couvertes dans Oracle Java peuvent \u00eatre\nexploit\u00e9es par un utilisateur malintentionn\u00e9 afin de compromettre le\nsyst\u00e8me ou d\u0027entraver son bon fonctionnement.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Java",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle Java de mars 2010",
      "url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html"
    }
  ]
}

CERTA-2010-AVI-217

Vulnerability from certfr_avis

De multiples vulnérabilités dans la machine virtuelle Java permettent à un individu malveillant d'exécuter du code arbitraire à distance.

Description

De multiples vulnérabilités permettent à un individu malveillant d'exécuter du code arbitraire à distance. Ces vulnérabilités affectent la machine virtuelle Java du système. La visite d'une page Web compromise ou malveillante permet d'exécuter du code arbitraire sur un système vulnérable.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	Mac OS X version 10.5.
	N/A	N/A	Mac OS X version 10.6 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4170 et HT4171 du 18 mai 2010	None	vendor-advisory
Bulletin de sécurité Apple HT4171 du 18 mai 2010 :	-	other
Bulletin de sécurité Apple HT4170 du 18 mai 2010 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X version 10.5.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X version 10.6 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s permettent \u00e0 un individu malveillant\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance. Ces vuln\u00e9rabilit\u00e9s affectent\nla machine virtuelle Java du syst\u00e8me. La visite d\u0027une page Web\ncompromise ou malveillante permet d\u0027ex\u00e9cuter du code arbitraire sur un\nsyst\u00e8me vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-3910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3910"
    },
    {
      "name": "CVE-2010-0090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0090"
    },
    {
      "name": "CVE-2010-0840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0840"
    },
    {
      "name": "CVE-2010-0846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0846"
    },
    {
      "name": "CVE-2010-0844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0844"
    },
    {
      "name": "CVE-2010-0841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0841"
    },
    {
      "name": "CVE-2010-0538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0538"
    },
    {
      "name": "CVE-2010-0089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0089"
    },
    {
      "name": "CVE-2010-0886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0886"
    },
    {
      "name": "CVE-2010-0539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0539"
    },
    {
      "name": "CVE-2010-0847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0847"
    },
    {
      "name": "CVE-2009-3555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
    },
    {
      "name": "CVE-2010-0843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0843"
    },
    {
      "name": "CVE-2010-0849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0849"
    },
    {
      "name": "CVE-2010-0093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0093"
    },
    {
      "name": "CVE-2010-0848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0848"
    },
    {
      "name": "CVE-2010-0092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0092"
    },
    {
      "name": "CVE-2010-0085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0085"
    },
    {
      "name": "CVE-2010-0095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0095"
    },
    {
      "name": "CVE-2009-1105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1105"
    },
    {
      "name": "CVE-2010-0091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0091"
    },
    {
      "name": "CVE-2010-0084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0084"
    },
    {
      "name": "CVE-2010-0887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0887"
    },
    {
      "name": "CVE-2010-0088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0088"
    },
    {
      "name": "CVE-2010-0842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0842"
    },
    {
      "name": "CVE-2010-0837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0837"
    },
    {
      "name": "CVE-2010-0094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0094"
    },
    {
      "name": "CVE-2010-0082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0082"
    },
    {
      "name": "CVE-2010-0087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0087"
    },
    {
      "name": "CVE-2010-0838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0838"
    }
  ],
  "initial_release_date": "2010-05-19T00:00:00",
  "last_revision_date": "2010-05-19T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4171 du 18 mai 2010 :",
      "url": "http://support.apple.com/kb/HT4171"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4170 du 18 mai 2010 :",
      "url": "http://support.apple.com/kb/HT4170"
    }
  ],
  "reference": "CERTA-2010-AVI-217",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-05-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s dans la machine virtuelle Java permettent \u00e0\nun individu malveillant d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s Java de Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4170 et HT4171 du 18 mai 2010",
      "url": null
    }
  ]
}

CERTA-2010-AVI-317

Vulnerability from certfr_avis

De nombreuses vulnérabilités dans des produits HP Insight ont été corrigées, dont certaines permettant l'exécution de code arbitraire à distance.

Description

Plusieurs vulnérabilités dans des produits HP Insight ont été corrigées. Elles sont de natures différentes pouvant aller jusqu'à l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	HP Insight Manager 4.x, 5.X et 6.x ;
N/A	N/A	HP Insight Orchestration 6.x ;
N/A	N/A	HP Insight Control Suite For Linux(ICE-Linux) 2.x et 6.x.
N/A	N/A	HP Insight Software Integrated Installer 6.x ;
N/A	N/A	HP Virtual Connect Enterprise Manager 6.x ;
N/A	N/A	HP Insight Control 6.x ;

References

Title

Publication Time

Tags

Bulletins de sécurité HP Insight	None	vendor-advisory
Bulletin de sécurité HP HPSBMA02550 du 13 juillet 2010 :	-	other
Bulletin de sécurité HP HPSBMA02551 du 13 juillet 2010 :	-	other
Bulletin de sécurité HP HPSBMA02554 du 13 juillet 2010 :	-	other
Bulletin de sécurité HP HPSBMA02548 du 13 juillet 2010 :	-	other
Bulletin de sécurité HP HPSBMA02549 du 13 juillet 2010 :	-	other
Bulletin de sécurité HP HPSBMA02547 du 13 juillet 2010 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "HP Insight Manager 4.x, 5.X et 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Insight Orchestration 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Insight Control Suite For Linux(ICE-Linux) 2.x et 6.x.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Insight Software Integrated Installer 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Virtual Connect Enterprise Manager 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Insight Control 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s dans des produits HP Insight ont \u00e9t\u00e9 corrig\u00e9es.\nElles sont de natures diff\u00e9rentes pouvant aller jusqu\u0027\u00e0 l\u0027ex\u00e9cution de\ncode arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-3793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3793"
    },
    {
      "name": "CVE-2010-2167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2167"
    },
    {
      "name": "CVE-2010-2173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2173"
    },
    {
      "name": "CVE-2010-1129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1129"
    },
    {
      "name": "CVE-2010-2163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2163"
    },
    {
      "name": "CVE-2009-1524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1524"
    },
    {
      "name": "CVE-2010-0090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0090"
    },
    {
      "name": "CVE-2010-0840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0840"
    },
    {
      "name": "CVE-2010-0846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0846"
    },
    {
      "name": "CVE-2010-2170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2170"
    },
    {
      "name": "CVE-2008-5110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5110"
    },
    {
      "name": "CVE-2010-0844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0844"
    },
    {
      "name": "CVE-2010-0841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0841"
    },
    {
      "name": "CVE-2010-0845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0845"
    },
    {
      "name": "CVE-2010-2176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2176"
    },
    {
      "name": "CVE-2009-0692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0692"
    },
    {
      "name": "CVE-2010-1967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1967"
    },
    {
      "name": "CVE-2010-0089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0089"
    },
    {
      "name": "CVE-2010-0847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0847"
    },
    {
      "name": "CVE-2009-3555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
    },
    {
      "name": "CVE-2010-2162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2162"
    },
    {
      "name": "CVE-2010-1968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1968"
    },
    {
      "name": "CVE-2010-2172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2172"
    },
    {
      "name": "CVE-2010-2181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2181"
    },
    {
      "name": "CVE-2010-1969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1969"
    },
    {
      "name": "CVE-2010-0843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0843"
    },
    {
      "name": "CVE-2010-2160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2160"
    },
    {
      "name": "CVE-2010-0839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0839"
    },
    {
      "name": "CVE-2010-0849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0849"
    },
    {
      "name": "CVE-2010-2179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2179"
    },
    {
      "name": "CVE-2010-0093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0093"
    },
    {
      "name": "CVE-2010-0848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0848"
    },
    {
      "name": "CVE-2010-2165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2165"
    },
    {
      "name": "CVE-2010-2171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2171"
    },
    {
      "name": "CVE-2010-0092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0092"
    },
    {
      "name": "CVE-2010-2182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2182"
    },
    {
      "name": "CVE-2010-1971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1971"
    },
    {
      "name": "CVE-2007-5497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5497"
    },
    {
      "name": "CVE-2010-0085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0085"
    },
    {
      "name": "CVE-2010-0095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0095"
    },
    {
      "name": "CVE-2010-2175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2175"
    },
    {
      "name": "CVE-2010-2180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2180"
    },
    {
      "name": "CVE-2010-1970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1970"
    },
    {
      "name": "CVE-2008-4546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4546"
    },
    {
      "name": "CVE-2010-1297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1297"
    },
    {
      "name": "CVE-2010-0091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0091"
    },
    {
      "name": "CVE-2010-2187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2187"
    },
    {
      "name": "CVE-2010-2164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2164"
    },
    {
      "name": "CVE-2010-1965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1965"
    },
    {
      "name": "CVE-2010-2161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2161"
    },
    {
      "name": "CVE-2010-0084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0084"
    },
    {
      "name": "CVE-2010-2178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2178"
    },
    {
      "name": "CVE-2010-2177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2177"
    },
    {
      "name": "CVE-2010-2166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2166"
    },
    {
      "name": "CVE-2010-2184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2184"
    },
    {
      "name": "CVE-2010-0088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0088"
    },
    {
      "name": "CVE-2010-0842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0842"
    },
    {
      "name": "CVE-2010-0837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0837"
    },
    {
      "name": "CVE-2010-2189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2189"
    },
    {
      "name": "CVE-2010-2174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2174"
    },
    {
      "name": "CVE-2010-2169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2169"
    },
    {
      "name": "CVE-2010-2188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2188"
    },
    {
      "name": "CVE-2010-2185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2185"
    },
    {
      "name": "CVE-2010-0094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0094"
    },
    {
      "name": "CVE-2010-0082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0082"
    },
    {
      "name": "CVE-2010-0087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0087"
    },
    {
      "name": "CVE-2007-2452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2452"
    },
    {
      "name": "CVE-2010-2186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2186"
    },
    {
      "name": "CVE-2009-1523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1523"
    },
    {
      "name": "CVE-2010-2183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2183"
    },
    {
      "name": "CVE-2010-0838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0838"
    },
    {
      "name": "CVE-2010-0850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0850"
    },
    {
      "name": "CVE-2010-0001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0001"
    },
    {
      "name": "CVE-2010-1966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1966"
    }
  ],
  "initial_release_date": "2010-07-16T00:00:00",
  "last_revision_date": "2010-07-16T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP HPSBMA02550 du 13 juillet 2010 :",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA02550"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP HPSBMA02551 du 13 juillet 2010 :",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA02551"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP HPSBMA02554 du 13 juillet 2010 :",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA02554"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP HPSBMA02548 du 13 juillet 2010 :",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA02548"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP HPSBMA02549 du 13 juillet 2010 :",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA02549"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP HPSBMA02547 du 13 juillet 2010 :",
      "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA02547"
    }
  ],
  "reference": "CERTA-2010-AVI-317",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-07-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De nombreuses vuln\u00e9rabilit\u00e9s dans des produits HP Insight ont \u00e9t\u00e9\ncorrig\u00e9es, dont certaines permettant l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans HP Insight",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 HP Insight",
      "url": null
    }
  ]
}

CERTA-2010-AVI-276

Vulnerability from certfr_avis

Plusieurs vulnérabilités dans IBM Java permettent à un utilisateur distant malintentionné de porter atteinte à l'intégrité et à la confidentialié des données, de contourner la politique de sécurité, de provoquer un déni de service ou d'exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	IBM	N/A	IBM Java 6.x.
	IBM	N/A	IBM Java 5.x ;

References

Title

Publication Time

Tags

Mise à jour de sécurité IBM du 14 juin 2010 :

other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM Java 6.x.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Java 5.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-0090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0090"
    },
    {
      "name": "CVE-2010-0840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0840"
    },
    {
      "name": "CVE-2010-0846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0846"
    },
    {
      "name": "CVE-2010-0844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0844"
    },
    {
      "name": "CVE-2010-0841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0841"
    },
    {
      "name": "CVE-2010-0847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0847"
    },
    {
      "name": "CVE-2010-0843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0843"
    },
    {
      "name": "CVE-2010-0849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0849"
    },
    {
      "name": "CVE-2010-0848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0848"
    },
    {
      "name": "CVE-2010-0842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0842"
    }
  ],
  "initial_release_date": "2010-06-21T00:00:00",
  "last_revision_date": "2010-06-21T00:00:00",
  "links": [
    {
      "title": "Mise \u00e0 jour de s\u00e9curit\u00e9 IBM du 14 juin 2010 :",
      "url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
    }
  ],
  "reference": "CERTA-2010-AVI-276",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-06-21T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s dans IBM Java permettent \u00e0 un utilisateur\ndistant malintentionn\u00e9 de porter atteinte \u00e0 l\u0027int\u00e9grit\u00e9 et \u00e0 la\nconfidentiali\u00e9 des donn\u00e9es, de contourner la politique de s\u00e9curit\u00e9, de\nprovoquer un d\u00e9ni de service ou d\u0027ex\u00e9cuter du code arbitraire \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM Java",
  "vendor_advisories": []
}

CERTA-2012-AVI-395

Vulnerability from certfr_avis

Plusieurs vulnérabilités ont été corrigées dans HP Network Node Manager i. Elles permettent à un utilisateur malintentionné de provoquer un déni de service à distance et de porter atteinte à l'intégrité et à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	HP Network Node Manager i 9.0x ;
	N/A	N/A	HP Network Node Manager i 9.1x.

References

Title

Publication Time

Tags

Bulletins de sécurité HP c03358587 et c03405642 du 16 juillet 2012	None	vendor-advisory
Bulletin de sécurité HP c03358587 du 16 juillet 2012 :	-	other
Bulletin de sécurité HP c03405642 du 16 juillet 2012 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "HP Network Node Manager i 9.0x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Network Node Manager i 9.1x.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-4476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4476"
    },
    {
      "name": "CVE-2011-3558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3558"
    },
    {
      "name": "CVE-2010-4465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4465"
    },
    {
      "name": "CVE-2010-4470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4470"
    },
    {
      "name": "CVE-2012-0500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0500"
    },
    {
      "name": "CVE-2012-0502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0502"
    },
    {
      "name": "CVE-2010-4473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4473"
    },
    {
      "name": "CVE-2011-3556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3556"
    },
    {
      "name": "CVE-2011-3545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3545"
    },
    {
      "name": "CVE-2010-0090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0090"
    },
    {
      "name": "CVE-2011-3548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3548"
    },
    {
      "name": "CVE-2010-0840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0840"
    },
    {
      "name": "CVE-2011-0864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0864"
    },
    {
      "name": "CVE-2010-4447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4447"
    },
    {
      "name": "CVE-2011-0868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0868"
    },
    {
      "name": "CVE-2012-0507",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0507"
    },
    {
      "name": "CVE-2010-0846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0846"
    },
    {
      "name": "CVE-2010-1321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1321"
    },
    {
      "name": "CVE-2010-4451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4451"
    },
    {
      "name": "CVE-2009-3871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3871"
    },
    {
      "name": "CVE-2012-0505",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0505"
    },
    {
      "name": "CVE-2010-4452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4452"
    },
    {
      "name": "CVE-2010-4467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4467"
    },
    {
      "name": "CVE-2010-3552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3552"
    },
    {
      "name": "CVE-2010-3541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3541"
    },
    {
      "name": "CVE-2011-3554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3554"
    },
    {
      "name": "CVE-2010-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4450"
    },
    {
      "name": "CVE-2011-3555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3555"
    },
    {
      "name": "CVE-2010-3558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3558"
    },
    {
      "name": "CVE-2010-3549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3549"
    },
    {
      "name": "CVE-2009-3867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3867"
    },
    {
      "name": "CVE-2011-0866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0866"
    },
    {
      "name": "CVE-2010-4468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4468"
    },
    {
      "name": "CVE-2010-0844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0844"
    },
    {
      "name": "CVE-2010-0841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0841"
    },
    {
      "name": "CVE-2010-0845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0845"
    },
    {
      "name": "CVE-2010-3573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3573"
    },
    {
      "name": "CVE-2010-3572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3572"
    },
    {
      "name": "CVE-2010-3559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3559"
    },
    {
      "name": "CVE-2011-3552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3552"
    },
    {
      "name": "CVE-2010-3571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3571"
    },
    {
      "name": "CVE-2012-0499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0499"
    },
    {
      "name": "CVE-2010-0089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0089"
    },
    {
      "name": "CVE-2011-0871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0871"
    },
    {
      "name": "CVE-2010-4422",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4422"
    },
    {
      "name": "CVE-2011-3560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3560"
    },
    {
      "name": "CVE-2010-0886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0886"
    },
    {
      "name": "CVE-2010-4448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4448"
    },
    {
      "name": "CVE-2010-4462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4462"
    },
    {
      "name": "CVE-2010-0847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0847"
    },
    {
      "name": "CVE-2010-3566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3566"
    },
    {
      "name": "CVE-2010-3560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3560"
    },
    {
      "name": "CVE-2009-3872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3872"
    },
    {
      "name": "CVE-2011-0786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0786"
    },
    {
      "name": "CVE-2009-3555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
    },
    {
      "name": "CVE-2011-3544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3544"
    },
    {
      "name": "CVE-2010-3570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3570"
    },
    {
      "name": "CVE-2012-0506",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0506"
    },
    {
      "name": "CVE-2011-0802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0802"
    },
    {
      "name": "CVE-2012-0503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0503"
    },
    {
      "name": "CVE-2010-0843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0843"
    },
    {
      "name": "CVE-2010-3563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3563"
    },
    {
      "name": "CVE-2010-3555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3555"
    },
    {
      "name": "CVE-2010-3556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3556"
    },
    {
      "name": "CVE-2010-0839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0839"
    },
    {
      "name": "CVE-2010-0849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0849"
    },
    {
      "name": "CVE-2011-3561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3561"
    },
    {
      "name": "CVE-2010-4471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4471"
    },
    {
      "name": "CVE-2010-4454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4454"
    },
    {
      "name": "CVE-2011-3551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3551"
    },
    {
      "name": "CVE-2010-0093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0093"
    },
    {
      "name": "CVE-2010-3569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3569"
    },
    {
      "name": "CVE-2010-0848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0848"
    },
    {
      "name": "CVE-2009-3876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3876"
    },
    {
      "name": "CVE-2011-3521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3521"
    },
    {
      "name": "CVE-2011-0862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0862"
    },
    {
      "name": "CVE-2010-4472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4472"
    },
    {
      "name": "CVE-2009-3875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3875"
    },
    {
      "name": "CVE-2011-3563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3563"
    },
    {
      "name": "CVE-2010-4463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4463"
    },
    {
      "name": "CVE-2011-3553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3553"
    },
    {
      "name": "CVE-2010-3562",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3562"
    },
    {
      "name": "CVE-2009-3869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3869"
    },
    {
      "name": "CVE-2011-0865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0865"
    },
    {
      "name": "CVE-2010-0092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0092"
    },
    {
      "name": "CVE-2010-3568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3568"
    },
    {
      "name": "CVE-2010-3548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3548"
    },
    {
      "name": "CVE-2010-0085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0085"
    },
    {
      "name": "CVE-2010-0095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0095"
    },
    {
      "name": "CVE-2011-0815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0815"
    },
    {
      "name": "CVE-2011-0817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0817"
    },
    {
      "name": "CVE-2011-0863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0863"
    },
    {
      "name": "CVE-2010-3561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3561"
    },
    {
      "name": "CVE-2010-0091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0091"
    },
    {
      "name": "CVE-2010-4469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4469"
    },
    {
      "name": "CVE-2009-3873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3873"
    },
    {
      "name": "CVE-2012-0497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0497"
    },
    {
      "name": "CVE-2011-0873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0873"
    },
    {
      "name": "CVE-2011-3516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3516"
    },
    {
      "name": "CVE-2011-0814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0814"
    },
    {
      "name": "CVE-2010-4475",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4475"
    },
    {
      "name": "CVE-2010-3567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3567"
    },
    {
      "name": "CVE-2011-0788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0788"
    },
    {
      "name": "CVE-2010-3550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3550"
    },
    {
      "name": "CVE-2011-0869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0869"
    },
    {
      "name": "CVE-2012-0501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0501"
    },
    {
      "name": "CVE-2012-0504",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0504"
    },
    {
      "name": "CVE-2010-0084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0084"
    },
    {
      "name": "CVE-2010-4466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4466"
    },
    {
      "name": "CVE-2011-3557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3557"
    },
    {
      "name": "CVE-2010-0887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0887"
    },
    {
      "name": "CVE-2011-0867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0867"
    },
    {
      "name": "CVE-2011-3549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3549"
    },
    {
      "name": "CVE-2010-3557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3557"
    },
    {
      "name": "CVE-2009-3874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3874"
    },
    {
      "name": "CVE-2010-3565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3565"
    },
    {
      "name": "CVE-2010-0088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0088"
    },
    {
      "name": "CVE-2010-0842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0842"
    },
    {
      "name": "CVE-2009-3868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3868"
    },
    {
      "name": "CVE-2010-3574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3574"
    },
    {
      "name": "CVE-2011-3547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3547"
    },
    {
      "name": "CVE-2010-0837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0837"
    },
    {
      "name": "CVE-2010-4474",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4474"
    },
    {
      "name": "CVE-2011-3550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3550"
    },
    {
      "name": "CVE-2009-3865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3865"
    },
    {
      "name": "CVE-2011-5035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-5035"
    },
    {
      "name": "CVE-2010-3551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3551"
    },
    {
      "name": "CVE-2010-3554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3554"
    },
    {
      "name": "CVE-2010-0094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0094"
    },
    {
      "name": "CVE-2012-0508",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0508"
    },
    {
      "name": "CVE-2010-0082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0082"
    },
    {
      "name": "CVE-2012-0498",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0498"
    },
    {
      "name": "CVE-2010-0087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0087"
    },
    {
      "name": "CVE-2011-0872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0872"
    },
    {
      "name": "CVE-2011-3546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3546"
    },
    {
      "name": "CVE-2011-3389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3389"
    },
    {
      "name": "CVE-2009-3866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3866"
    },
    {
      "name": "CVE-2010-3553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3553"
    },
    {
      "name": "CVE-2010-0838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0838"
    },
    {
      "name": "CVE-2010-0850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0850"
    }
  ],
  "initial_release_date": "2012-07-18T00:00:00",
  "last_revision_date": "2012-07-18T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP c03358587 du 16 juillet 2012 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03358587"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP c03405642 du 16 juillet 2012 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03405642"
    }
  ],
  "reference": "CERTA-2012-AVI-395",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-07-18T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan class=\"textit\"\u003eHP\nNetwork Node Manager i\u003c/span\u003e. Elles permettent \u00e0 un utilisateur\nmalintentionn\u00e9 de provoquer un d\u00e9ni de service \u00e0 distance et de porter\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 et \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans HP Network Node Manager i",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 HP c03358587 et c03405642 du 16 juillet 2012",
      "url": null
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2010-0840 (GCVE-0-2010-0840)

Vulnerability from cvelistv5

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

CERTA-2010-AVI-152

Vulnerability from certfr_avis

Description

Solution

CERTA-2010-AVI-217

Vulnerability from certfr_avis

Description

Solution

CERTA-2010-AVI-317

Vulnerability from certfr_avis

Description

Solution

CERTA-2010-AVI-276

Vulnerability from certfr_avis

Solution

CERTA-2012-AVI-395

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature