Home > Vulnerability Database > CVE-2010-0843

Mend.io Vulnerability Database

CVE-2010-0843

Date: April 1, 2010

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to XNewPtr and improper handling of an integer parameter when allocating heap memory in the com.sun.media.sound libraries, which allows remote attackers to execute arbitrary code.

Severity Score

7.3

Related Resources (36)

Url: http://secunia.com/advisories/43308

Url: http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html

Url: http://www.vupen.com/english/advisories/2010/1523

Url: http://marc.info/?l=bugtraq&m=127557596201693&w=2

Url: http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751

Url: http://www.redhat.com/support/errata/RHSA-2010-0383.html

Url: http://www.zerodayinitiative.com/advisories/ZDI-10-052/

Url: http://www.redhat.com/support/errata/RHSA-2010-0337.html

Url: http://www.vupen.com/english/advisories/2010/1191

Url: http://secunia.com/advisories/40211

Url: http://www.vupen.com/english/advisories/2010/1454

Url: http://www.securityfocus.com/bid/39083

Url: http://lists.apple.com/archives/security-announce/2010//May/msg00002.html

Url: http://marc.info/?l=bugtraq&m=134254866602253&w=2

Url: http://www.vupen.com/english/advisories/2010/1793

Url: http://support.apple.com/kb/HT4170

Url: http://secunia.com/advisories/39659

Url: http://secunia.com/advisories/39819

Url: http://www.redhat.com/support/errata/RHSA-2010-0338.html

Url: http://www.redhat.com/support/errata/RHSA-2010-0471.html

Url: http://www.vmware.com/security/advisories/VMSA-2011-0003.html

Url: http://secunia.com/advisories/39317

Url: http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14092

Url: http://support.apple.com/kb/HT4171

Url: http://www.redhat.com/support/errata/RHSA-2010-0489.html

Url: http://www.securityfocus.com/archive/1/516397/100/0/threaded

Url: http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html

Url: https://nvd.nist.gov/vuln/detail/CVE-2010-0843

Url: http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html

Url: http://osvdb.org/63492

Url: http://secunia.com/advisories/40545

Url: http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html

Url: http://lists.apple.com/archives/security-announce/2010//May/msg00001.html

Url: http://seclists.org/bugtraq/2010/Apr/41

Url: https://www.mend.io/vulnerability-database/CVE-2010-0843

Severity Score

7.3

Weakness Type (CWE)

Insufficient Information

NVD-CWE-noinfo

CVSS v3.1

Base Score:	7.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	7.5
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2010-0843

Date: April 1, 2010

Severity Score

Related Resources (36)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?