Oval Definition:oval:org.mitre.oval:def:12367
Revision Date:2015-03-23Version:12
Title:Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions
Description:Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that HttpURLConnection does not properly check for the allowHttpTrace permission, which allows untrusted code to perform HTTP TRACE requests.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2010-3574
Platform(s):Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Java Development Kit
Java Runtime Environment
Definition Synopsis
  • JRE 5
  • Java SE Runtime Environment 5 is installed
  • AND Determine if the version of Java Runtime Environment is less than 1.5.0:update26
  • JDK 5
  • Java SE Development Kit 5 is installed
  • AND Determine if the version of Java Development Kit is less than 1.5.0:update26
  • JDK 6
  • Java SE Development Kit 6 is installed
  • AND Check if Java Development Kit version is less than or equal to 1.6.0_21 (6.0.210.6)
  • JRE 6
  • Java SE Runtime Environment 6 is installed
  • AND Check if Java Runtime Environment version is less than or equal to 1.6.0_21 (6.0.210.6)
    • BACK