Описание
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to execute arbitrary code by causing the defaultReadObject method in the Serialization API to set a volatile field multiple times.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 6b20-1.10~pre2-0ubuntu5 |
| hardy | released | 1.8.2-4ubuntu1~8.04.1 |
| jaunty | released | 1.8.2-4ubuntu1~9.04.1 |
| karmic | released | 1.8.2-4ubuntu1~9.10.1 |
| lucid | released | 1.8.2-4ubuntu2 |
| maverick | released | 6b20-1.9.1-1ubuntu3 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 6b18-1.8.3-1ubuntu3 |
| hardy | DNE | |
| intrepid | DNE | |
| karmic | not-affected | 6b18-1.8.4-0ubuntu1~9.10.1 |
| lucid | not-affected | 6b18-1.8.3-0ubuntu1~10.04.1 |
| maverick | released | 6b18-1.8.2-4ubuntu1 |
| upstream | released | 6b22 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | released | 6.22-0ubuntu1~8.04.1 |
| jaunty | released | 6.22-0ubuntu1~9.04.1 |
| karmic | released | 6.22-0ubuntu1~9.10.1 |
| lucid | released | 6.22-0ubuntu1~10.04 |
| maverick | released | 6.22-0ubuntu1~10.10 |
| upstream | needs-triage |
Показывать по
EPSS
10 Critical
CVSS2
Связанные уязвимости
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to execute arbitrary code by causing the defaultReadObject method in the Serialization API to set a volatile field multiple times.
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to execute arbitrary code by causing the defaultReadObject method in the Serialization API to set a volatile field multiple times.
Unspecified vulnerability in the Java Runtime Environment component in ...
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to execute arbitrary code by causing the defaultReadObject method in the Serialization API to set a volatile field multiple times.
ELSA-2010-0768: java-1.6.0-openjdk security and bug fix update (IMPORTANT)
EPSS
10 Critical
CVSS2