Rapid7 Vulnerability & Exploit Database

USN-1010-1: OpenJDK vulnerabilities

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

USN-1010-1: OpenJDK vulnerabilities

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

10/19/2010

Created

07/25/2018

Added

05/06/2013

Modified

07/09/2020

Description

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that HttpURLConnection does not properly check for the allowHttpTrace permission, which allows untrusted code to perform HTTP TRACE requests.

Solution(s)

ubuntu-upgrade-icedtea6-plugin
ubuntu-upgrade-openjdk-6-jdk
ubuntu-upgrade-openjdk-6-jre
ubuntu-upgrade-openjdk-6-jre-headless

References

https://attackerkb.com/topics/cve-2009-3555
APPLE-SA-2010-01-19-1
APPLE-SA-2010-05-18-1
APPLE-SA-2010-05-18-2
36935
43963
43979
43985
43988
43992
43994
44009
44011
44012
44013
44014
44017
44027
44032
44035
TA10-222A
TA10-287A
120541
CVE - 2009-3555
CVE - 2010-3541
CVE - 2010-3548
CVE - 2010-3549
CVE - 2010-3551
CVE - 2010-3553
CVE - 2010-3554
CVE - 2010-3557
CVE - 2010-3561
CVE - 2010-3562
CVE - 2010-3564
CVE - 2010-3565
CVE - 2010-3566
CVE - 2010-3567
CVE - 2010-3568
CVE - 2010-3569
CVE - 2010-3573
CVE - 2010-3574
DSA-1934
DSA-2141
DSA-3253
Category I
V0027158
V0030769
2011-A-0066
2011-A-0160
MS10-049
60521
60972
62210
65202
OVAL10088
OVAL11268
OVAL11330
OVAL11559
OVAL11560
OVAL11578
OVAL11617
OVAL11714
OVAL11798
OVAL11893
OVAL11930
OVAL11990
OVAL12029
OVAL12153
OVAL12180
OVAL12189
OVAL12200
OVAL12206
OVAL12220
OVAL12225
OVAL12226
OVAL12234
OVAL12294
OVAL12367
OVAL12398
OVAL12426
OVAL12437
OVAL12449
OVAL12450
OVAL12458
OVAL12462
OVAL12491
OVAL12545
OVAL14340
OVAL14354
OVAL14475
OVAL7315
OVAL7478
OVAL7973
OVAL8366
OVAL8535
RHSA-2010:0119
RHSA-2010:0130
RHSA-2010:0155
RHSA-2010:0165
RHSA-2010:0167
RHSA-2010:0337
RHSA-2010:0338
RHSA-2010:0339
RHSA-2010:0768
RHSA-2010:0770
RHSA-2010:0786
RHSA-2010:0807
RHSA-2010:0865
RHSA-2010:0873
RHSA-2010:0935
RHSA-2010:0986
RHSA-2010:0987
RHSA-2011:0152
RHSA-2011:0169
RHSA-2011:0880
SUSE-SA:2009:057
SUSE-SA:2010:061
USN-1010-1
54158

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;