Home > Vulnerability Database > CVE-2010-3561

Mend.io Vulnerability Database

CVE-2010-3561

Date: October 19, 2010

Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this involves the use of the privileged accept method in the ServerSocket class, which does not limit which hosts can connect and allows remote attackers to bypass intended network access restrictions.

Severity Score

7.3

Related Resources (30)

Url: https://nvd.nist.gov/vuln/detail/CVE-2010-3561

Url: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748

Url: http://support.avaya.com/css/P8/documents/100123193

Url: http://security.gentoo.org/glsa/glsa-201406-32.xml

Url: http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html

Url: http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12200

Url: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html

Url: http://www.ubuntu.com/usn/USN-1010-1

Url: https://access.redhat.com/security/cve/CVE-2010-3561

Url: http://secunia.com/advisories/42974

Url: http://support.avaya.com/css/P8/documents/100114327

Url: http://secunia.com/advisories/42377

Url: http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12437

Url: http://marc.info/?l=bugtraq&m=134254866602253&w=2

Url: http://www.securityfocus.com/bid/44013

Url: https://bugzilla.redhat.com/show_bug.cgi?id=639880

Url: http://www.vmware.com/security/advisories/VMSA-2011-0003.html

Url: http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html

Url: http://www.redhat.com/support/errata/RHSA-2010-0768.html

Url: http://www.redhat.com/support/errata/RHSA-2010-0865.html

Url: http://www.securityfocus.com/archive/1/516397/100/0/threaded

Url: http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html

Url: http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html

Url: http://www.redhat.com/support/errata/RHSA-2010-0770.html

Url: http://www.vupen.com/english/advisories/2010/3086

Url: http://support.avaya.com/css/P8/documents/100114315

Url: http://secunia.com/advisories/41972

Url: https://www.mend.io/vulnerability-database/CVE-2010-3561

Severity Score

7.3

Weakness Type (CWE)

Insufficient Information

NVD-CWE-noinfo

CVSS v3.1

Base Score:	7.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	7.5
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2010-3561

Date: October 19, 2010

Severity Score

Related Resources (30)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?