CVE-2010-3573

Oracle Java SE/Jav for Bus <6-5 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-3573. PoCs published by Roberto Suggi Liverani.

AI-analyzed exploit summary This exploit demonstrates a Same-Origin Policy (SOP) bypass in Java Applets using the java.net.URLConnection class to leak cookies between domains resolving to the same IP address. It performs a cross-site request forgery (XSRF) attack to capture sensitive cookie information from a target site.

Description

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to missing validation of request headers in the HttpURLConnection class when they are set by applets, which allows remote attackers to bypass the intended security policy.

Exploits (1)

exploitdb WORKING POC

by Roberto Suggi Liverani · textremotewindows

https://www.exploit-db.com/exploits/15288

View Code ZIP pw:eip

This exploit demonstrates a Same-Origin Policy (SOP) bypass in Java Applets using the java.net.URLConnection class to leak cookies between domains resolving to the same IP address. It performs a cross-site request forgery (XSRF) attack to capture sensitive cookie information from a target site.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Java Runtime Environment (JRE) 1.6.0_21 and earlier

No auth needed

Prerequisites: Two domains resolving to the same IP address · Victim must visit the malicious site hosting the applet

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (29)

Core 29

Core References

Vendor Advisory vendor-advisory x_refsource_hp

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748

Issue Tracking x_refsource_confirm

https://bugzilla.redhat.com/show_bug.cgi?id=642202

Vendor Advisory x_refsource_confirm

http://support.avaya.com/css/P8/documents/100114327

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2010-0865.html

Vendor Advisory x_refsource_confirm

http://support.avaya.com/css/P8/documents/100114315

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-201406-32.xml

Mailing List vendor-advisory x_refsource_hp

http://marc.info/?l=bugtraq&m=134254866602253&w=2

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2010-0770.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2010-0768.html

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-1010-1

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12220

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2010-0987.html

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/44954

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2011-0880.html

Patch, Vendor Advisory x_refsource_confirm

http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2010-0873.html

Vendor Advisory x_refsource_confirm

http://www.vmware.com/security/advisories/VMSA-2011-0003.html

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/42974

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/41972

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11990

Vendor Advisory x_refsource_confirm

http://support.avaya.com/css/P8/documents/100123193

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html

Patch, Vendor Advisory x_refsource_confirm

http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/516397/100/0/threaded

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/41967

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2010-0807.html

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html

Scores

EPSS 0.1056

EPSS Percentile 95.2%

Details

Status published

Products (5)

sun/jdk 1.6.0 (20 CPE variants)

sun/jdk 1.5.0 (25 CPE variants)

sun/jdk < 1.5.0

sun/jdk < 1.6.0

sun/jre 1.6.0 (3 CPE variants)

Published Oct 19, 2010

Tracked Since Feb 18, 2026