CVE-2010-4452

EXPLOITED

Oracle Java SE/Jav for Bus <6 - Info Disclosure

Title source: llm

Description

Unspecified vulnerability in the Deployment component in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotemultiple
https://www.exploit-db.com/exploits/16990
metasploit WORKING POC EXCELLENT
by Frederic Hoguin, jduck · rubypocjava
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/java_codebase_trust.rb

References (10)

Scores

EPSS 0.8490
EPSS Percentile 99.4%

Details

VulnCheck KEV 2011-06-20
Status published
Products (4)
sun/jdk 1.6.0 (22 CPE variants)
sun/jdk < 1.6.0
sun/jre 1.6.0 (21 CPE variants)
sun/jre < 1.6.0
Published Feb 17, 2011
Tracked Since Feb 18, 2026