CVE-2010-4452

EXPLOITED

Oracle Java SE/Jav for Bus <6 - Info Disclosure

Title source: llm

Exploitation Summary

CVE-2010-4452 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 2 public exploits from researchers including Metasploit, Frederic Hoguin and jduck, among them the Metasploit module exploits/windows/browser/java_codebase_trust.

AI-analyzed exploit summary: This Metasploit module exploits CVE-2010-4452, a Java Applet2ClassLoader vulnerability, allowing remote code execution by escaping the Java Sandbox. It leverages a trusted codebase path and a URL without dots to bypass sandbox restrictions.

Description

Unspecified vulnerability in the Deployment component in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors.

Exploits (2)

exploitdb · WORKING POC · VERIFIED
by Metasploit · ruby · remote · multiple
https://www.exploit-db.com/exploits/16990

This Metasploit module exploits CVE-2010-4452, a Java Applet2ClassLoader vulnerability, allowing remote code execution by escaping the Java Sandbox. It leverages a trusted codebase path and a URL without dots to bypass sandbox restrictions.

Classification
Working PoC: 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Java Runtime Environment (JRE) 6 prior to update 24
No auth needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit · Java Runtime Environment 6 < update 24 installed on the target
devstral-2 · analyzed Feb 16, 2026
metasploit · WORKING POC · EXCELLENT
by Frederic Hoguin, jduck · ruby · poc · java
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/java_codebase_trust.rb

This Metasploit module exploits CVE-2010-4452, a vulnerability in the Java Runtime Environment that allows an applet to run outside the sandbox by manipulating the 'codebase' and 'code' parameters. It serves a malicious .class file and HTML to trigger remote code execution on vulnerable JRE versions prior to 6 update 24.

Classification
Working PoC: 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Oracle Java Runtime Environment (JRE) prior to 6 update 24
No auth needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit · Vulnerable JRE version installed on the target system
devstral-2 · analyzed Feb 19, 2026

References (10)

Core References (10)
Third Party Advisory (third-party-advisory, x_refsource_sreason): http://securityreason.com/securityalert/8145
Mailing List (vendor-advisory, x_refsource_hp): http://marc.info/?l=bugtraq&m=134254866602253&w=2
Third Party Advisory, VDB Entry (vdb-entry, signature, x_refsource_oval): https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14230
Third Party Advisory (third-party-advisory, x_refsource_secunia): http://secunia.com/advisories/44954
Third Party Advisory, VDB Entry (vdb-entry, signature, x_refsource_oval): https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12927
Vendor Advisory (vendor-advisory, x_refsource_redhat): http://www.redhat.com/support/errata/RHSA-2011-0880.html
Vendor Advisory (vendor-advisory, x_refsource_redhat): http://www.redhat.com/support/errata/RHSA-2011-0282.html
Mailing List (vendor-advisory, x_refsource_hp): http://marc.info/?l=bugtraq&m=134254957702612&w=2

Scores

EPSS 0.8490
EPSS Percentile 99.4%

Details

VulnCheck KEV 2011-06-20
Status published
Products (4)
sun/jdk 1.6.0 (22 CPE variants)
sun/jdk < 1.6.0
sun/jre 1.6.0 (21 CPE variants)
sun/jre < 1.6.0
Published Feb 17, 2011
Tracked Since Feb 18, 2026