Описание
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that HttpURLConnection does not properly check for the allowHttpTrace permission, which allows untrusted code to perform HTTP TRACE requests.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 6b20-1.10~pre2-0ubuntu5 |
| hardy | released | 1.8.2-4ubuntu1~8.04.1 |
| jaunty | released | 1.8.2-4ubuntu1~9.04.1 |
| karmic | released | 1.8.2-4ubuntu1~9.10.1 |
| lucid | released | 1.8.2-4ubuntu2 |
| maverick | released | 6b20-1.9.1-1ubuntu3 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 6b18-1.8.3-1ubuntu3 |
| hardy | DNE | |
| intrepid | DNE | |
| karmic | not-affected | 6b18-1.8.4-0ubuntu1~9.10.1 |
| lucid | not-affected | 6b18-1.8.3-0ubuntu1~10.04.1 |
| maverick | released | 6b18-1.8.2-4ubuntu1 |
| upstream | released | 6b22 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | released | 6.22-0ubuntu1~8.04.1 |
| jaunty | released | 6.22-0ubuntu1~9.04.1 |
| karmic | released | 6.22-0ubuntu1~9.10.1 |
| lucid | released | 6.22-0ubuntu1~10.04 |
| maverick | released | 6.22-0ubuntu1~10.10 |
| upstream | needs-triage |
Показывать по
EPSS
10 Critical
CVSS2
Связанные уязвимости
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that HttpURLConnection does not properly check for the allowHttpTrace permission, which allows untrusted code to perform HTTP TRACE requests.
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that HttpURLConnection does not properly check for the allowHttpTrace permission, which allows untrusted code to perform HTTP TRACE requests.
Unspecified vulnerability in the Networking component in Oracle Java S ...
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that HttpURLConnection does not properly check for the allowHttpTrace permission, which allows untrusted code to perform HTTP TRACE requests.
ELSA-2010-0768: java-1.6.0-openjdk security and bug fix update (IMPORTANT)
EPSS
10 Critical
CVSS2