CVE-2010-0887 - OpenCVE

Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business JDK and JRE 6 Update 18 and 19 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Sun	Java

Configuration 1 [-]

OR	cpe:2.3:a:sun:java:6:18:business:::::*
	cpe:2.3:a:sun:java:6:18:se:::::*
	cpe:2.3:a:sun:java:6:19:business:::::*
	cpe:2.3:a:sun:java:6:19:se:::::*

References

Link	Resource
http://lists.apple.com/archives/security-announce/2010//May/msg00001.html
http://lists.apple.com/archives/security-announce/2010//May/msg00002.html
http://marc.info/?l=bugtraq&m=134254866602253&w=2
http://secunia.com/advisories/39819
http://support.apple.com/kb/HT4170
http://support.apple.com/kb/HT4171
http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0886.html
http://www.vupen.com/english/advisories/2010/1191

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: oracle

Published: 2010-04-20T19:00:00

Updated: 2016-08-19T15:57:01

Reserved: 2010-03-03T00:00:00

Link: CVE-2010-0887

JSON object: View

NVD Information

Status : Modified

Published: 2010-04-20T19:30:00.367

Modified: 2016-08-23T02:01:10.290

Link: CVE-2010-0887

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-04-15T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business JDK and JRE 6 Update 18 and 19 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-08-19T15:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"name": "APPLE-SA-2010-05-18-1", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html"}, {"name": "HPSBMU02799", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"}, {"name": "39819", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/39819"}, {"name": "APPLE-SA-2010-05-18-2", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT4170"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0886.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT4171"}, {"name": "ADV-2010-1191", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/1191"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2010-0887", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business JDK and JRE 6 Update 18 and 19 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "APPLE-SA-2010-05-18-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html"}, {"name": "HPSBMU02799", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"}, {"name": "39819", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/39819"}, {"name": "APPLE-SA-2010-05-18-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html"}, {"name": "http://support.apple.com/kb/HT4170", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4170"}, {"name": "http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0886.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0886.html"}, {"name": "http://support.apple.com/kb/HT4171", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4171"}, {"name": "ADV-2010-1191", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/1191"}]}}}}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2010-0887", "datePublished": "2010-04-20T19:00:00", "dateReserved": "2010-03-03T00:00:00", "dateUpdated": "2016-08-19T15:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sun:java:6:18:business:*:*:*:*:*", "matchCriteriaId": "D7C55F11-C4BB-4696-A609-3363336572D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java:6:18:se:*:*:*:*:*", "matchCriteriaId": "0724BDCD-C2A7-445C-8DED-D9E0C257D610", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java:6:19:business:*:*:*:*:*", "matchCriteriaId": "3E55E715-CFC1-4DA9-B3F1-FE55405562F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java:6:19:se:*:*:*:*:*", "matchCriteriaId": "6BACA62E-CD5A-4C4F-9154-59FA2CF30DFD", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business JDK and JRE 6 Update 18 and 19 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en el componente New Java Plug-in en Oracle Java SE y Java para Business JDK y JRE 6 Update 18 y 19, permite a atacantes remotos comprometer la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos."}], "id": "CVE-2010-0887", "lastModified": "2016-08-23T02:01:10.290", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-04-20T19:30:00.367", "references": [{"source": "secalert_us@oracle.com", "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html"}, {"source": "secalert_us@oracle.com", "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html"}, {"source": "secalert_us@oracle.com", "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"}, {"source": "secalert_us@oracle.com", "url": "http://secunia.com/advisories/39819"}, {"source": "secalert_us@oracle.com", "url": "http://support.apple.com/kb/HT4170"}, {"source": "secalert_us@oracle.com", "url": "http://support.apple.com/kb/HT4171"}, {"source": "secalert_us@oracle.com", "url": "http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0886.html"}, {"source": "secalert_us@oracle.com", "url": "http://www.vupen.com/english/advisories/2010/1191"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}