| Vulnerability Name: | CVE-2010-0886 (CCN-57843) | ||||||||||||||||||||
| Assigned: | 2010-04-09 | ||||||||||||||||||||
| Published: | 2010-04-09 | ||||||||||||||||||||
| Updated: | 2018-10-10 | ||||||||||||||||||||
| Summary: | Unspecified vulnerability in the Java Deployment Toolkit component in Oracle Java SE and Java for Business JDK and JRE 6 Update 10 through 19 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Per: http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0886.html ' Notes: 1. Affects the Windows platform only. CVSS 10.0 score assumes running with Administrator privileges. Otherwise, CVSS score of 7.5 with Confidentiality, Integrity and Availability impacts of Partial+, Partial+ and Partial+.' | ||||||||||||||||||||
| CVSS v3 Severity: | 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||||||||||||||
| CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C) 7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
7.4 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||||||||||||||
| Vulnerability Type: | CWE-noinfo | ||||||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||||||
| References: | Source: CCN Type: The Oracle Global Product Security Blog Security Alert for CVE-2010-0886 and CVE-2010-0887 Released Source: MITRE Type: CNA CVE-2010-0886 Source: APPLE Type: UNKNOWN APPLE-SA-2010-05-18-1 Source: APPLE Type: UNKNOWN APPLE-SA-2010-05-18-2 Source: HP Type: UNKNOWN HPSBMU02799 Source: CCN Type: RHSA-2010-0356 Critical: java-1.6.0-sun security update Source: CCN Type: SA39819 Apple Mac OS X update for Java Source: SECUNIA Type: UNKNOWN 39819 Source: SUNALERT Type: UNKNOWN 279590 Source: SUNALERT Type: UNKNOWN 1022294 Source: CONFIRM Type: UNKNOWN http://support.apple.com/kb/HT4170 Source: CONFIRM Type: UNKNOWN http://support.apple.com/kb/HT4171 Source: CCN Type: Oracle Security Alert CVE-2010-0886 Oracle Security Alert CVE-2010-0886 Source: CONFIRM Type: Patch, Vendor Advisory http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0886.html Source: CCN Type: OSVDB ID: 63798 Oracle Java Deployment Toolkit Java Web Start Argument Injection Arbitrary Program Execution Source: BUGTRAQ Type: UNKNOWN 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX Source: CCN Type: BID-39492 Oracle Java SE and Java for Business Unspecified Vulnerabilities Source: CONFIRM Type: UNKNOWN http://www.vmware.com/security/advisories/VMSA-2011-0003.html Source: CONFIRM Type: UNKNOWN http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html Source: VUPEN Type: UNKNOWN ADV-2010-1191 Source: XF Type: UNKNOWN javase-toolkit-command-execution(57843) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:14216 | ||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration RedHat 1: Configuration RedHat 2: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||
| |||||||||||||||||||||
| BACK | |||||||||||||||||||||