Available Exploits 

• Sun Java Applet2ClassLoader Remote Code Execution

Description

Unspecified vulnerability in the Deployment component in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors.

References

• CVE-2010-4452
• OVAL-OVAL12927
• OVAL-OVAL14230
• REDHAT-RHSA-2011:0282
• REDHAT-RHSA-2011:0880
• URL: http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html

Solution

Related Vulnerabilities

• RHSA-2011:0282: java-1.6.0-sun security update
• Gentoo Linux: CVE-2010-4452: Oracle JRE/JDK: Multiple vulnerabilities
• SUSE Linux Security Vulnerability: CVE-2010-4452
• RHSA-2011:0880: Red Hat Network Satellite server IBM Java Runtime security update
• VMSA-2011-0013: vCenter Server and ESX, Oracle (Sun) JRE update 1.6.0_24 (CVE-2010-4452)
• SUSE Linux Security Advisory: SUSE-SA:2011:010
• RHSA-2011:0357: java-1.6.0-ibm security update
• HP-UX: CVE-2010-4452: Running Java, Remote Execution of Arbitrary Code, Disclosure of Information, and Other Vulnerabilities